| www.amdahost.com/media/logo.png | 172.67.183.69 | 200 OK | 26 kB |
URL GET HTTP/3www.amdahost.com/media/logo.png IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typePNG image data, 382 x 70, 8-bit/color RGBA, non-interlaced Hash9c5c0fe1ed466c1a4801524b31777955 eb7bfae0af480eae554a937a9f64e96a0a4f734a 62b08c1489fff9fb4cf4d33857fb46d4f8298c3f74fc57f92279bdad95472640
GET /media/logo.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=c7c3a08a8a
Cookie: PHPSESSID=5681521f537ec90e7451a2c5977494af
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 02:20:05 GMT
content-type: image/png
content-length: 25625
last-modified: Fri, 15 Mar 2024 19:45:30 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 340
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oyuzPzzjgD8P%2FH0yb7jGkNcE5mbYqg48UQVD53L3qFziH%2Fk4QKs7aGoeJyICYWCk3GRa8CKoo6ctpH7z%2Fr%2BPRa7NmjnX0X5%2Bv%2BT05NLlHonXVrP4Ka1JtYu%2Bcuwz3%2Bt25rEw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805f7f7ffb756cb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.jsdelivr.net/npm/remixicon@4.0.0/fonts/remixicon.css | 151.101.65.229 | 200 OK | 17 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/remixicon@4.0.0/fonts/remixicon.css IP151.101.65.229:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hash373c68d52e3daa5cd7e1ae058fb6bd70 30a01afb8338555278162655e4a8e7ac57774f35 f53b0f6c14c09b5c263713876dfe7185531a3a424a91d192dfee3c5fa03493dd
GET /npm/remixicon@4.0.0/fonts/remixicon.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.0.0
x-jsd-version-type: version
etag: W/"200b1-MKAa+4M4VVJ4FiZV5KjnrFd3TzU"
content-encoding: br
accept-ranges: bytes
date: Wed, 08 May 2024 02:20:05 GMT
age: 5267095
x-served-by: cache-fra-etou8220109-FRA, cache-hel1410023-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16743
X-Firefox-Spdy: h2
|
|
| vjs.zencdn.net/8.10.0/video-js.css | 151.101.130.217 | 200 OK | 13 kB |
URL GET HTTP/2vjs.zencdn.net/8.10.0/video-js.css IP151.101.130.217:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGlobalSign nv-sa Subjectvjs.zencdn.net Fingerprint6B:3F:11:07:D7:05:FD:AF:4D:46:B4:BA:1C:8A:60:70:95:37:35:17 ValidityWed, 06 Mar 2024 21:50:11 GMT - Mon, 07 Apr 2025 21:50:10 GMT
File typeASCII text, with very long lines (7288) Hash27818e70d5704691d9264fe0083c5b08 b4dffd90528e8f63d54ad3a859b749344e6e00ad 92e11fbc7753b5be23fd489ba4e09c0d62d0b8c64e466845b4534934c46c85d6
GET /8.10.0/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 17 Jan 2024 12:53:07 GMT
etag: "27818e70d5704691d9264fe0083c5b08"
x-amz-server-side-encryption: AES256
content-type: text/css
content-encoding: gzip
date: Wed, 08 May 2024 02:20:05 GMT
x-served-by: cache-hel1410024-HEL
x-cache: HIT
x-cache-hits: 3
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 12695
X-Firefox-Spdy: h2
|
|
| 32879.2481april2024.com/4/js/233169 | 88.208.22.4 | 200 OK | 6.6 kB |
URL GET HTTP/232879.2481april2024.com/4/js/233169 IP88.208.22.4:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subject*.2481april2024.com FingerprintFC:0B:87:DF:4F:43:9B:81:FD:04:D2:4C:5C:79:77:1B:C6:BB:F4:49 ValidityTue, 02 Apr 2024 14:41:38 GMT - Mon, 01 Jul 2024 14:41:37 GMT
File typeJavaScript source, ASCII text, with very long lines (16647), with no line terminators Hash90e3301a885cd353943057045de0e7dc f3e70ecdfa170a5f5516fb4cd30193074c7fd609 8f0d891091ee828e4a15ba9bd2f3c6e7678147a49e8034c027e8d4658930f4c6
GET /4/js/233169 HTTP/1.1
Host: 32879.2481april2024.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:20:05 GMT
content-type: application/javascript; charset=UTF-8
content-length: 6575
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
X-Firefox-Spdy: h2
|
|
| cdn.tailwindcss.com/3.4.3 | 104.22.20.144 | 200 OK | 114 kB |
URL GET HTTP/2cdn.tailwindcss.com/3.4.3 IP104.22.20.144:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerCloudflare, Inc. Subjecttailwindcss.com Fingerprint5F:87:FB:92:D4:93:DA:09:E3:5B:EF:92:CE:2F:47:18:3A:8A:C7:49 ValidityTue, 07 Nov 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (52292) Size114 kB (113634 bytes) Hash4bdcdace639cc6c0f08a15c295482172 6fa7ad6e87d8b19bff7e2bd0becf87d87d57be31 d2c35bf03246b0634bb22cbdc74962c8368e5e13b656e7f3cc10029da79d2e5c
GET /3.4.3 HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:05 GMT
content-type: text/javascript
cache-control: max-age=31536000
content-encoding: br
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::rn74h-1711569125689-ef02b3caf33b
last-modified: Wed, 27 Mar 2024 19:52:06 GMT
cf-cache-status: HIT
age: 626893
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805f7f8a98eb4f4-OSL
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js | 216.58.207.234 | 200 OK | 30 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js IP216.58.207.234:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30462
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 02:07:52 GMT
expires: Sat, 03 May 2025 02:07:52 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 12 Sep 2023 02:38:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 432734
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/watch_direct.php?id=c7c3a08a8a | 172.67.183.69 | 200 OK | 27 kB |
URL User Request GET HTTP/2www.amdahost.com/watch_direct.php?id=c7c3a08a8a IP172.67.183.69:443
CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (6442), with CRLF, LF line terminators Hashbf2edde6087afebbb2e0224acd605a38 77aab234fdd36b27bd84c27025a2c8c80fdf2373 91b78d6fe37bad002a2396f1c756f991f7af8463face6b909fd2e0dd04ad9c1a
GET /watch_direct.php?id=c7c3a08a8a HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:05 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=5681521f537ec90e7451a2c5977494af; path=/; domain=.amdahost.com
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FV8FH4YUy7q8Ou%2FudRStBMcRq4H8%2B3LDL5zS51NM6fGPEjnOsPrky%2B31tsBUJCJPtpMgicWkL6iZN5Cla%2FwFaoysvJtBqbKI01dKzYb80wHieYdcPfGSR%2FlLRXd%2F1sVeeV1a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f7f43c3f1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2 | 216.58.207.227 | 200 OK | 13 kB |
URL GET HTTP/2fonts.gstatic.com/s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2 IP216.58.207.227:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 13184, version 1.0 Hash37b12babb3bd0f9d9587cc8ca89a19b9 49cfe5b31144493cec4f21dc63fb2f1051061b45 73351bb42cb7827d0cd08c5d5832140700139b86eb6dd9a49047017924cb3ed0
GET /s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:41:24 GMT
expires: Fri, 02 May 2025 02:41:24 GMT
cache-control: public, max-age=31536000
age: 517122
last-modified: Wed, 27 Sep 2023 15:40:27 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2 | 216.58.207.227 | 200 OK | 14 kB |
URL GET HTTP/2fonts.gstatic.com/s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2 IP216.58.207.227:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 13820, version 1.0 Hash2dd698f2699a5ef991625825011bff90 523ff9357131751e57dd78cb92b218a49a130d1d 02f5dfc0c21e92f3c724260f035833e627513a1b91230cc490a1ea756c95e5e5
GET /s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:34:50 GMT
expires: Fri, 02 May 2025 02:34:50 GMT
cache-control: public, max-age=31536000
age: 517516
last-modified: Thu, 24 Aug 2023 21:28:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| b57dqedu4.com/solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4334527725341696&eclog=0&im=1 | 212.117.190.201 | 200 OK | 43 B |
URL POST HTTP/2b57dqedu4.com/solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4334527725341696&eclog=0&im=1 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerBuypass AS-983163327 Subject Fingerprint17:76:24:C2:1F:79:27:A6:BF:60:AC:48:E1:7E:44:F5:FA:36:EB:6B ValidityWed, 01 May 2024 14:25:07 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4334527725341696&eclog=0&im=1 HTTP/1.1
Host: b57dqedu4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:20:06 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: CHCK=1; Path=/; Expires=Wed, 11 Jun 2025 02:20:07 GMT; Secure; SameSite=None
UID=240507212035819e25a87844bfb3c7228af0; Path=/; Expires=Wed, 11 Jun 2025 02:20:07 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js | 172.67.183.69 | 302 Found | 0 B |
URL GET HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=5681521f537ec90e7451a2c5977494af
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 08 May 2024 02:20:07 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
cache-control: max-age=300, public
access-control-allow-origin: *
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BrLgSo0311IwIxpOfEXQV4TfmcGVv2QNPi5ANO5ALubgO8DSUComQiBQuFOpLxybI5YVdM1OOLwz3rgMcGQyklah%2FH9e1pZv1VSeSfZRXwq0VfcUwmdw%2F2bnm4cRxWsbAW7u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805f8014b5356cb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| b57dqedu4.com/get/2020088?zoneid=2020088&jp=_clpbfgwszbs6w01swh5kzg&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4334527725341696&eclog=0&im=1&uf=0 | 212.117.190.201 | 200 OK | 41 kB |
URL GET HTTP/2b57dqedu4.com/get/2020088?zoneid=2020088&jp=_clpbfgwszbs6w01swh5kzg&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4334527725341696&eclog=0&im=1&uf=0 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerBuypass AS-983163327 Subject Fingerprint17:76:24:C2:1F:79:27:A6:BF:60:AC:48:E1:7E:44:F5:FA:36:EB:6B ValidityWed, 01 May 2024 14:25:07 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typegzip compressed data, from Unix Hashda4f692516e9cac34f121225bc171532 996b096b8dbe8c98b8b29bf4b25ebfca533f46dc 5a1f79a8c593a80424cba617664d464ba79d013fd48c6417f4c6fac5c2900e9d
GET /get/2020088?zoneid=2020088&jp=_clpbfgwszbs6w01swh5kzg&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4334527725341696&eclog=0&im=1&uf=0 HTTP/1.1
Host: b57dqedu4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:20:06 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Wed, 11 Jun 2025 02:20:07 GMT; Secure; SameSite=None
UID=24050721203674673dfeed493b9ffda0fedd; Path=/; Expires=Wed, 11 Jun 2025 02:20:07 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| cdn.pncloudfl.com/pn/082/d6d/41f/082d6d41f9bd3220a660f2a4108986b2b367f0e4.png | 172.67.25.161 | 200 OK | 43 kB |
URL GET HTTP/2cdn.pncloudfl.com/pn/082/d6d/41f/082d6d41f9bd3220a660f2a4108986b2b367f0e4.png IP172.67.25.161:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectcdn.pncloudfl.com Fingerprint50:5F:A0:91:53:C9:C9:E3:5D:EA:53:42:E8:5B:81:FB:DE:7B:1E:2C ValiditySun, 28 Apr 2024 04:53:51 GMT - Sat, 27 Jul 2024 04:53:50 GMT
File typeRIFF (little-endian) data, Web/P image Hashbec3572ed077c92240ef0dd7dc17231d e278cd647e65b5f04ba1d582d05f76d5dfafd125 eb304641419d09e779018fe3bf31596d3ed3ad0d4ab05c716ce626152aa417ec
GET /pn/082/d6d/41f/082d6d41f9bd3220a660f2a4108986b2b367f0e4.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:07 GMT
content-type: image/webp
content-length: 42912
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=66221
content-disposition: inline; filename="082d6d41f9bd3220a660f2a4108986b2b367f0e4.webp"
etag: 20c64ca88091db62ea69001a7382f005
expires: Fri, 10 May 2024 00:45:35 GMT
last-modified: Mon, 23 Dec 2019 08:43:03 GMT
vary: Accept
x-openstack-request-id: tx9d94ab9f187b4137bb135-0061b079d0
x-proxy-cache: HIT
x-timestamp: 1577090582.49776
x-trans-id: tx9d94ab9f187b4137bb135-0061b079d0
cf-cache-status: HIT
age: 5672
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 8805f8029d7b0b3d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.pncloudfl.com/pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif | 172.67.25.161 | 200 OK | 143 kB |
URL GET HTTP/2cdn.pncloudfl.com/pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif IP172.67.25.161:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectcdn.pncloudfl.com Fingerprint50:5F:A0:91:53:C9:C9:E3:5D:EA:53:42:E8:5B:81:FB:DE:7B:1E:2C ValiditySun, 28 Apr 2024 04:53:51 GMT - Sat, 27 Jul 2024 04:53:50 GMT
File typeRIFF (little-endian) data, Web/P image Size143 kB (142898 bytes) Hasha3ef7f4652e064704fb9063bd2c44761 f83f6204fcc6dd4d51a6f737641961ca5a7ce1b3 ee156c275bc22e471034353c9756885a303aed35c194098a42e017d07b0d40a8
GET /pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:07 GMT
content-type: image/webp
content-length: 142898
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=367393
content-disposition: inline; filename="60e2ff94b54c66aa2f634b00630b994c2fe7936d.webp"
etag: 9fb78950119432648d8d5fb853c3eba4
expires: Fri, 10 May 2024 00:45:22 GMT
last-modified: Tue, 02 May 2023 12:11:05 GMT
vary: Accept
x-openstack-request-id: tx607d5e6bd8c04629a2dab-0064ad512f
x-proxy-cache: HIT
x-timestamp: 1683029464.37580
x-trans-id: tx607d5e6bd8c04629a2dab-0064ad512f
cf-cache-status: HIT
age: 5685
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 8805f802bd830b3d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/media/apple-touch-icon.png | 172.67.183.69 | 200 OK | 40 kB |
URL GET HTTP/3www.amdahost.com/media/apple-touch-icon.png IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typePNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced Hash3a0b8d799ca52ea360286be206ff8fb3 2dc98f04f62990a7ab58494b8cc4c9d34f88d82b a18a7554000483027f4297e642dd6ffa175ee4028844be6e7888cd31c165972d
GET /media/apple-touch-icon.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=c7c3a08a8a
Cookie: PHPSESSID=5681521f537ec90e7451a2c5977494af
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 02:20:07 GMT
content-type: image/png
content-length: 40332
last-modified: Sun, 17 Mar 2024 20:29:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2810
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EGMeRW2H9nndwcaSl3vOg09HGGHbwZL8WWm%2BUHY7Ls%2BMby4bQ1T4aBAHIac39QjAjnMzNVvnGHA0h8KzAGdec3FT2Qt9ZZYwuvbn8YOExjtsuvemd%2BLbcDUBIq3qJHXvOP61"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805f8043c7c56cb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/media/favicon-16x16.png | 172.67.183.69 | 200 OK | 936 B |
URL GET HTTP/3www.amdahost.com/media/favicon-16x16.png IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashac0cd4d64276fa91e68993406abcd43d c9af1132645f2bccfb9295a4e45cc95e8e78b7b6 bf852eabb9e0bbeb89b360a2dc4ccc1b86f2ffea3dfa78f0c2bb8747be598382
GET /media/favicon-16x16.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=c7c3a08a8a
Cookie: PHPSESSID=5681521f537ec90e7451a2c5977494af
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 02:20:07 GMT
content-type: image/png
content-length: 936
last-modified: Sun, 17 Mar 2024 20:29:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 88
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lPca1BfjusENxrgGK8J%2BPrBTeO5EXK2PaTzH614uCvz3aw7o6Ca65kIeO%2FR%2FYIO4BXcqSUZ9IYSi6D9FVybdV%2Ff1BtNmA76854qv0TCJrWZlRZT%2FJmnTQ7a%2F54gTHb7jbbOg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805f8043c7d56cb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/h/b/jsd/r/8805f7f43c3f1c0e | 172.67.183.69 | 200 OK | 0 B |
URL POST HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/h/b/jsd/r/8805f7f43c3f1c0e IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/challenge-platform/h/b/jsd/r/8805f7f43c3f1c0e HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12194
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=c7c3a08a8a
Cookie: PHPSESSID=5681521f537ec90e7451a2c5977494af
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 02:20:07 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
priority: u=3,i=?0
set-cookie: cf_clearance=g._3Nz0ByrvIXGGQDoqna3wNVaM1lzm0sSWV8Si4zIs-1715134807-1.0.1.1-Qbv4ddqzDoxpEWZ6k5247t0bu73axx1cn33w49S_kdtJza8CNMLnWi5u0ICYA2ow4o99RZvNdGmH09C.lEEWyw; path=/; expires=Thu, 08-May-25 02:20:07 GMT; domain=.amdahost.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DUXUokXHtPHEGEROGyr%2B6wFezd1gFXd1wOi9gVAGLQxBV3%2BgumeMSZnKW0oC%2BrqnMkl6zqo0EYmHw%2FV%2B1yBT2xGgihOdNzL%2FK2gFHB4auGD%2FabCE%2FHPPvAmUINltGtPH4%2Fqf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f8042c7956cb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 172.217.21.162 | 200 OK | 0 B |
URL HEAD HTTP/2pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP172.217.21.162:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subject*.g.doubleclick.net Fingerprint09:C3:90:43:D3:09:4E:26:62:79:17:6F:1D:33:E5:FA:DF:77:3E:7B ValidityTue, 16 Apr 2024 03:18:52 GMT - Tue, 09 Jul 2024 03:18:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Wed, 08 May 2024 02:20:07 GMT
expires: Wed, 08 May 2024 02:20:07 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 7176774975609922767
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51652
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| js.capndr.com/advertising.js | 45.133.44.53 | 200 OK | 0 B |
URL GET HTTP/2js.capndr.com/advertising.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectjs.capndr.com Fingerprint0D:30:A1:FB:7E:A0:EC:89:85:17:27:67:37:21:DA:E0:CB:E3:26:06 ValiditySun, 21 Apr 2024 03:00:41 GMT - Sat, 20 Jul 2024 03:00:40 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Wed, 08 May 2024 02:25:07 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.fluidplayer.com/v3/current/fluidplayer.min.js | 185.76.9.24 | 200 OK | 99 kB |
URL GET HTTP/2cdn.fluidplayer.com/v3/current/fluidplayer.min.js IP185.76.9.24:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectfluidplayer.com Fingerprint46:64:4F:F1:3B:B5:54:D2:21:6F:9B:66:05:DF:D9:AC:7D:3C:8E:D0 ValidityMon, 06 May 2024 08:37:10 GMT - Sun, 04 Aug 2024 08:37:09 GMT
File typegzip compressed data, from Unix Hashb940977864dff7a21619ebbd9072a341 aeeb9a313a5f8df8c0677a5ac586677240430bbc 40419993742a6852a8e66dcc206289fd82a58b3a48d377398784d564965a2891
GET /v3/current/fluidplayer.min.js HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:06 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:13 GMT
etag: W/"65fc34c1-38ca8"
expires: Fri, 22 Mar 2024 21:42:05 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3+kAAAAwBuUwKDAH3AAAAAAwBJRPCMQH3AAAAAA
x-77-nzt-ray: af585630ef0168a356e13a6697155b04
x-accel-expires: @1715204572
x-accel-date: 1715118172
x-77-cache: HIT
x-77-age: 16634
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 16634
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| bid.mbidtg.com/tags/179977?version_name=d | 45.133.44.24 | 200 OK | 2.7 kB |
URL GET HTTP/2bid.mbidtg.com/tags/179977?version_name=d IP45.133.44.24:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectbid.mbidtg.com Fingerprint62:EA:1B:EE:02:E5:88:CC:26:72:9B:BA:BF:B3:B6:2B:67:14:74:67 ValidityWed, 01 May 2024 03:00:45 GMT - Tue, 30 Jul 2024 03:00:44 GMT
Hash5bed99d5c9dc33e506ee6afe691c854e 4f8f379c6e0f8ae029d0fa8a4e913b2a8a0867c7 85e6ea010962a1e5f2e892e87fc57e2ae2d52449748610426a5e16d8651302c1
GET /tags/179977?version_name=d HTTP/1.1
Host: bid.mbidtg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:07 GMT
content-type: application/json
server: nginx/1.24.0
cache-control: max-age=300, public
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/videos/1714980022_a387f7b1983164bf.mp4 | 172.67.183.69 | 206 Partial Content | 5.1 MB |
URL GET HTTP/3www.amdahost.com/videos/1714980022_a387f7b1983164bf.mp4 IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Size5.1 MB (5073701 bytes) Hashd8f9970d3af0f5d071a51f9c73fd83dd 27d80abc95b4e22782f619b789a7f7ac9584d091 73afac19c70cf5d3be316145e4157182f1379dd145d9628fca08fb5da691b9f3
GET /videos/1714980022_a387f7b1983164bf.mp4 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=c7c3a08a8a
Cookie: PHPSESSID=5681521f537ec90e7451a2c5977494af
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Wed, 08 May 2024 02:20:07 GMT
content-type: video/mp4
content-length: 367111875
etag: "15e1aec3-663884b6-458045b;;;"
last-modified: Mon, 06 May 2024 07:20:22 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
content-range: bytes 0-367111874/367111875
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r8i%2B2BPae7mWTSRlcOY0E60uJDR7bdFvt0k%2Bk1PEK7fHSfgRulNzxzrRUC02XcA2ioXCdq8aRle4m9Bvm2dB1my3p6XWUodYgS1Eno9ZEFVmawTP0F4DeyU7AVADquooW6jG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805f8003aec56cb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1202bb3601.29972123f3.com/2721bcba9600cbbb8e7c3e12932bf7a2.js | 45.133.44.53 | 200 OK | 44 kB |
URL GET HTTP/21202bb3601.29972123f3.com/2721bcba9600cbbb8e7c3e12932bf7a2.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subject1202bb3601.29972123f3.com Fingerprint75:6B:15:49:55:01:42:44:F7:47:B8:56:B1:92:DE:3D:8F:41:D0:21 ValiditySun, 05 May 2024 02:20:34 GMT - Sat, 03 Aug 2024 02:20:33 GMT
File typegzip compressed data, from Unix Hash53ee610d86740d67889a5dc128f57c27 7e00c9a1660fa57f44a1a25858b98876c144c67b 31e6c3713c0840717ff3db5cdb603bed6ec6ec7192b19edcec982301b93d7d83
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /2721bcba9600cbbb8e7c3e12932bf7a2.js HTTP/1.1
Host: 1202bb3601.29972123f3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:07 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 07 May 2024 12:02:58 GMT
etag: W/"663a1872-1ab3e"
content-encoding: gzip
expires: Wed, 08 May 2024 02:25:07 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/rum? | 172.67.183.69 | 204 No Content | 0 B |
URL POST HTTP/3www.amdahost.com/cdn-cgi/rum? IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1082
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=c7c3a08a8a
Cookie: PHPSESSID=5681521f537ec90e7451a2c5977494af; cf_clearance=g._3Nz0ByrvIXGGQDoqna3wNVaM1lzm0sSWV8Si4zIs-1715134807-1.0.1.1-Qbv4ddqzDoxpEWZ6k5247t0bu73axx1cn33w49S_kdtJza8CNMLnWi5u0ICYA2ow4o99RZvNdGmH09C.lEEWyw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Wed, 08 May 2024 02:20:09 GMT
access-control-allow-origin: https://www.amdahost.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 8805f80e383d56cb-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| mpougdusr.com/chicken.gif?z=2020090&pb=ee275597fdae6f8dc4785cf27148bf7e1715142007&psp=26zbXIJOhqKhsauvXGOUbHV7fcqtDPyvmOoPG_keUry9sCrCZ4azgIWdrxS2Me0QoEVmMwxOsB1bR0Ys17yx3TvBxuKARbska_imXFnbOzihJBYMuWb1liytzRGXPV3vXhPe0Gwl_cTTMFPDEq7V5vst3_e4DK9VlIG-P6MfCtYXfcK-iSETz28RmrkRVBLH2Z1FeF8rMz4aksYeCg3CoFiFHqW-XWT22h5FPHRKpYCrfvZPRO7pieaCKhpXTLQPFsCP7ixWagDGWI3hHjcvUeTntmV_9dujfWxlYv3yHx5h6XU3e16QBFcPgMXPDbaJGBIqvpeZ3mv44tk2lbiHQZ5CTzHPGO9mq_zfKseb8nFE0nkXugUw4b0Z12YLV1eusEa9cPFRVr2mRFs5Thhd3ByBgnocRXJq5qVvTTunEd9a4KTYA23a7cB8WR5rSLhuhDEAZvIxxcc0hdhXkPb5_ACYBASLOcLSkN8DCSEbtHB-HcruE7I5gUR27sYFj8sTY54ahsoRX3rWoe9CsLJKvMLLhbNmavz5CApw_e7RKdPN58I8WFDmlZf4B3Hoz93XFIiEm8KxHBUMqhUY4odir_M1wlETY8metJpLe0LR_bf2D1tSJyf2Aa0xtYO8rEQwrbuCYR0R_46M7jb-yrP4kFi-8DYBwHGz1s3KIsh7aRZI1nUPO08o2TtfvWMJH02Ott8-fYIHWsYRFF70v5KIGrT4h8ORVhYzG8VTOpe7WAonLbgIDkRuvh8-jqixbQW6oBDFboTz395H82p-GzDAJneeHir2IRW_cqJK4KL8QuBKGloOHG7tvnEAm4ZSw_vpWTtZxLocoopBOyLld_0vmafif5fg9xPWNM4caSVNRo7TqpE_8QDwdeQW93YT_qPD9gHgGGI4s7tTV6UjufjF9eehx7FgoYG2fHCmtkaxhYgkIBg4M_qfGk133q5EZ9BlPTT7eDb1uaCVnF2BbudlJl28NOcgnZnGzRphO0OLqhtSFRzvuCktwSB-IQ63TaFypumNkVYB2iEA4oV8Rn4C5_HtgQ0r-R3JLibXx5XQWa4uC0jAlUHPvvyI1f0WZU3MnzcG113Jb4bSHZbuImq3j1FbcnTCFrAYpG9N0Pux-OvpNKQ0oLNJGPT3YqWmVMIrsToxEVOCeN77_PulSp0Oi2v0XFuoGKs4DfDsVq_0n05MU7RZKl0c3j-wPmVOM7PiCYu4ex-G5-4YsXB9MWY1e2m_q4EGsbj-u8tK9Cl-LtHtyJD7r_G81BLiqYxk68DxrB7DL9czyICeGg0tZYE_utuV-GxqoyIZq-hXAgJjm181tCUfYaCSRE5DXymGlL1alpAlW6aDwTLzxFaFCzZKinOULXw8NDnh709NN2Tw91fddGEy_zd4rH41GGka7sd_d_00GCo2vQv8mdTKl_DtkP_RXWs6m7I49-LQlL8Ix3CMDxNx36S_lAqcTWplcEnHH8tLzauhZPARmrBIiVI1OGchp8xatUS_kEHEB5yiiTDgcwr9hsGHdNwZ8mhL7Urm2K-ZCug4hQEfz6PP0T8AtbpzsdhnFdt5OjpS_uYyUh2kuTT_eM73iOTrXXDwOWJE7VgZs11QP86ajoLs2UsYCHb2_vKpNru9O-zkgPf0IIlK4OmGEC2pRday232yrhASaV9-Nbr0NiTffM9TrE37qHwGsIYHvRCpcae6fqJxhlfRDHliMkqF39ECg61orJDaZYLmjcVQITQF-ak-C-7e0Fi9IYR_MkOuPjIAIzKNB5xw7RzyoKjDLDWOlZ8sbLE49GUt2IKI5sXSlYVNEDSh2IaZUpaAZ4VTRcJwnLLQ2meDAE6yCf8dyam2whuA9bdCdRoHXdBE0vgM66JrXRuy6q1PaW4g3ir-CFSGTvHZDFZSOAKXC_PazxnrhwmqKPak_vZ9MhytNN71DQP81itkGnNnrE5t19W4ofXl4jy-cO1-xQVOHYJGiK95TOZPvCTlICXQyufqINiDz4r6mE1t8cscjIlxXGWScmV7DJcab5K8mQN-2OiET9H4hHtV0uETs1r4OGTXdxRf3_qslBCglesvyh7-vG5b43GujlNb5Yi8ZQy83zqdecwcre_i7HmUzBJIoJLuKLmBV0SbUFAo092TzMJmlf0mpvXdgaZMic5zA_qaD6NEywWbnZVebVODQlFZXosuoPdrXvjoR8RYMEAc5EKGIuQ-rEDy02W4pAqfcUNYDvE-iHDyzk9oAShyCZ68XLpx-ndyxWLoo1oy-s_62OJxfxi33peHzpHxoF_jG3V39ckiRrbl9kQ3h0Ts6WOqdDDaileG6Yw_wf8jlPEXKarXtpHsCMvYkiG_jf-7DizK9nAzFde6GNoR4x7KL00Wxkgk-QER4BaX-IsQuLpLdqlkc0mpOKba6lVurqBtF9cW8nmWfYXXeoZ4NL4CxhXkZda28pOxvcVcYmKvJbZndAJPnMe4raJArijKpLptBfYhVdSs0-UipwXA_eqWr2W4N0QGkTDB8qmzSQv2cvZXIp59hDSxjRfNT5PxHSyJr0pA_AkFpDs79HCTIIMy9OmWtIO-qOHEmTdH8epAxBQmVTpBv7qmZupKWOHm7C0bI3CPprMFLbKYKOhiFH8mnC4L14UCgT_OGVvHKWTZ7CXH2glEz7nNOlpDSI-k_QwrlkNunmJnYhgjmloEzChp4Fvd9U24Nzn23wvK9T-qBNkYSXcDj9F42ud0E2atGq9oZpAFaWSlY966D4ChS9MLW2EBaABdkKL7yYM6FJ3D4bHadBvex4Erse5CNqpJCK-z-l5Rr0LN4e_1IJFiw8kVGdL6j2FdhGg3L20GoKofiEBM0v4ucxbw3o4rIi6h7MS450oeDOuFEi1n9ok0MNE4Kfe2huQU65s1AXZnOThHqmo0PwOucoMUuuWkQU_5-kp-HUJbXRZWyQbbrhe6fTlF6YeUCzJJfKyMRv0YN5mh9y22S3GoAKoIbuDxcngz-k2ct4Ytx6J8bqDEqj3BxoIeeVRCvF-Q35ssw3odQWKlw8G3k87kQgO6haKc8ArVsFLp_JAlK4D13IHITTPwh3vgWi8vbJuKZjqUDEUhYzD-ZY01911ZdVejIcBdD2I1WhcgVWqaM91_U2K4Y8ZRTaHP3tw9CjA8J04PWwSzVAJOOAuo-pi54kJ7HOc5x5fqdz5QKmajHcYmgvxFkwx8foGDx6hJX7s7y_kwynzhQqHhpWqrYJMekogWI1qkPWszEjJ-8gSo1XRlP3H67jpBcZk8DG5LnsHX5gwa_u9nxQnVJaCxmdXIAaDHDS2dL0PMBtwjd2X_dNIjaMelBwTo59gKLlHVHG9KnUbydYLMTzwy2UC0jKIig0WYMqtn-TGWLegLQXnuzdAO1z_g-ThM9wPhNq3H5BgDTQ63tsyRX9lY_eZ7nkecTKkMSwuitRHm_lZ_RcHVnd0lvVXz_qZkJXMGkINtXAR4kmGqNyu5PDTxXSbvgUvpYH0BhElbDlJGnJGEwmSClvN6HFoL65SOcF6qpbZqoP8xbIu3HDLw-nbFAzvh-mjO8rFkp6FIjcI6aeroWZB35Tv8k4l8iU3cWum2zr9bFO4G0WNLzBKtu3vH31iAwa-VPri87L1fP_yfoHvFlu3V5rEzq2f9uBrfjy7gBkTBmmOGrcBmTsge43XoXP30njvbbGl7XSeTLZS3zlckkBwDnyVO-HW74pz_MvvybHjVKlj46Xv8RSg3_kH6N3V7qqXJQTy-dJUdkakGNzRC1Bh2fbY7W-IYcTFWLZt_aBVvnuSKvj_WP7uxhAkksCsOTV1Cs3bKpoRCApE_aSjbqvpM6JnIKRddZy9yFMnfjU0IuWCkQ6CcjgpjU_AghgR_LvGzkx-mTtFf77gAIdrMls2Vh5pamfXh5LXwQrIGzd_fjaHVhPkTnhFIWWAkr6jQvzo5nKPUb1djemtoiTcdfobN1OtrvseR7HcwvXeNrnHi_OnZOP_HCiLYSaV8TMCN6Cbp-0BksCuf0UaVWCiae8xqN7HP4Sf4whWWYhjRDBC6FYe01CDE6OVdxERO_RoTnGYIzkwlXa0yqFuzYaLw7b27HDpxxNSUoN1cEIA6inykrtEqBuMr83py2Q==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178952655559168&eclog=0&im=1 | 212.117.190.201 | 200 OK | 43 B |
URL GET HTTP/2mpougdusr.com/chicken.gif?z=2020090&pb=ee275597fdae6f8dc4785cf27148bf7e1715142007&psp=26zbXIJOhqKhsauvXGOUbHV7fcqtDPyvmOoPG_keUry9sCrCZ4azgIWdrxS2Me0QoEVmMwxOsB1bR0Ys17yx3TvBxuKARbska_imXFnbOzihJBYMuWb1liytzRGXPV3vXhPe0Gwl_cTTMFPDEq7V5vst3_e4DK9VlIG-P6MfCtYXfcK-iSETz28RmrkRVBLH2Z1FeF8rMz4aksYeCg3CoFiFHqW-XWT22h5FPHRKpYCrfvZPRO7pieaCKhpXTLQPFsCP7ixWagDGWI3hHjcvUeTntmV_9dujfWxlYv3yHx5h6XU3e16QBFcPgMXPDbaJGBIqvpeZ3mv44tk2lbiHQZ5CTzHPGO9mq_zfKseb8nFE0nkXugUw4b0Z12YLV1eusEa9cPFRVr2mRFs5Thhd3ByBgnocRXJq5qVvTTunEd9a4KTYA23a7cB8WR5rSLhuhDEAZvIxxcc0hdhXkPb5_ACYBASLOcLSkN8DCSEbtHB-HcruE7I5gUR27sYFj8sTY54ahsoRX3rWoe9CsLJKvMLLhbNmavz5CApw_e7RKdPN58I8WFDmlZf4B3Hoz93XFIiEm8KxHBUMqhUY4odir_M1wlETY8metJpLe0LR_bf2D1tSJyf2Aa0xtYO8rEQwrbuCYR0R_46M7jb-yrP4kFi-8DYBwHGz1s3KIsh7aRZI1nUPO08o2TtfvWMJH02Ott8-fYIHWsYRFF70v5KIGrT4h8ORVhYzG8VTOpe7WAonLbgIDkRuvh8-jqixbQW6oBDFboTz395H82p-GzDAJneeHir2IRW_cqJK4KL8QuBKGloOHG7tvnEAm4ZSw_vpWTtZxLocoopBOyLld_0vmafif5fg9xPWNM4caSVNRo7TqpE_8QDwdeQW93YT_qPD9gHgGGI4s7tTV6UjufjF9eehx7FgoYG2fHCmtkaxhYgkIBg4M_qfGk133q5EZ9BlPTT7eDb1uaCVnF2BbudlJl28NOcgnZnGzRphO0OLqhtSFRzvuCktwSB-IQ63TaFypumNkVYB2iEA4oV8Rn4C5_HtgQ0r-R3JLibXx5XQWa4uC0jAlUHPvvyI1f0WZU3MnzcG113Jb4bSHZbuImq3j1FbcnTCFrAYpG9N0Pux-OvpNKQ0oLNJGPT3YqWmVMIrsToxEVOCeN77_PulSp0Oi2v0XFuoGKs4DfDsVq_0n05MU7RZKl0c3j-wPmVOM7PiCYu4ex-G5-4YsXB9MWY1e2m_q4EGsbj-u8tK9Cl-LtHtyJD7r_G81BLiqYxk68DxrB7DL9czyICeGg0tZYE_utuV-GxqoyIZq-hXAgJjm181tCUfYaCSRE5DXymGlL1alpAlW6aDwTLzxFaFCzZKinOULXw8NDnh709NN2Tw91fddGEy_zd4rH41GGka7sd_d_00GCo2vQv8mdTKl_DtkP_RXWs6m7I49-LQlL8Ix3CMDxNx36S_lAqcTWplcEnHH8tLzauhZPARmrBIiVI1OGchp8xatUS_kEHEB5yiiTDgcwr9hsGHdNwZ8mhL7Urm2K-ZCug4hQEfz6PP0T8AtbpzsdhnFdt5OjpS_uYyUh2kuTT_eM73iOTrXXDwOWJE7VgZs11QP86ajoLs2UsYCHb2_vKpNru9O-zkgPf0IIlK4OmGEC2pRday232yrhASaV9-Nbr0NiTffM9TrE37qHwGsIYHvRCpcae6fqJxhlfRDHliMkqF39ECg61orJDaZYLmjcVQITQF-ak-C-7e0Fi9IYR_MkOuPjIAIzKNB5xw7RzyoKjDLDWOlZ8sbLE49GUt2IKI5sXSlYVNEDSh2IaZUpaAZ4VTRcJwnLLQ2meDAE6yCf8dyam2whuA9bdCdRoHXdBE0vgM66JrXRuy6q1PaW4g3ir-CFSGTvHZDFZSOAKXC_PazxnrhwmqKPak_vZ9MhytNN71DQP81itkGnNnrE5t19W4ofXl4jy-cO1-xQVOHYJGiK95TOZPvCTlICXQyufqINiDz4r6mE1t8cscjIlxXGWScmV7DJcab5K8mQN-2OiET9H4hHtV0uETs1r4OGTXdxRf3_qslBCglesvyh7-vG5b43GujlNb5Yi8ZQy83zqdecwcre_i7HmUzBJIoJLuKLmBV0SbUFAo092TzMJmlf0mpvXdgaZMic5zA_qaD6NEywWbnZVebVODQlFZXosuoPdrXvjoR8RYMEAc5EKGIuQ-rEDy02W4pAqfcUNYDvE-iHDyzk9oAShyCZ68XLpx-ndyxWLoo1oy-s_62OJxfxi33peHzpHxoF_jG3V39ckiRrbl9kQ3h0Ts6WOqdDDaileG6Yw_wf8jlPEXKarXtpHsCMvYkiG_jf-7DizK9nAzFde6GNoR4x7KL00Wxkgk-QER4BaX-IsQuLpLdqlkc0mpOKba6lVurqBtF9cW8nmWfYXXeoZ4NL4CxhXkZda28pOxvcVcYmKvJbZndAJPnMe4raJArijKpLptBfYhVdSs0-UipwXA_eqWr2W4N0QGkTDB8qmzSQv2cvZXIp59hDSxjRfNT5PxHSyJr0pA_AkFpDs79HCTIIMy9OmWtIO-qOHEmTdH8epAxBQmVTpBv7qmZupKWOHm7C0bI3CPprMFLbKYKOhiFH8mnC4L14UCgT_OGVvHKWTZ7CXH2glEz7nNOlpDSI-k_QwrlkNunmJnYhgjmloEzChp4Fvd9U24Nzn23wvK9T-qBNkYSXcDj9F42ud0E2atGq9oZpAFaWSlY966D4ChS9MLW2EBaABdkKL7yYM6FJ3D4bHadBvex4Erse5CNqpJCK-z-l5Rr0LN4e_1IJFiw8kVGdL6j2FdhGg3L20GoKofiEBM0v4ucxbw3o4rIi6h7MS450oeDOuFEi1n9ok0MNE4Kfe2huQU65s1AXZnOThHqmo0PwOucoMUuuWkQU_5-kp-HUJbXRZWyQbbrhe6fTlF6YeUCzJJfKyMRv0YN5mh9y22S3GoAKoIbuDxcngz-k2ct4Ytx6J8bqDEqj3BxoIeeVRCvF-Q35ssw3odQWKlw8G3k87kQgO6haKc8ArVsFLp_JAlK4D13IHITTPwh3vgWi8vbJuKZjqUDEUhYzD-ZY01911ZdVejIcBdD2I1WhcgVWqaM91_U2K4Y8ZRTaHP3tw9CjA8J04PWwSzVAJOOAuo-pi54kJ7HOc5x5fqdz5QKmajHcYmgvxFkwx8foGDx6hJX7s7y_kwynzhQqHhpWqrYJMekogWI1qkPWszEjJ-8gSo1XRlP3H67jpBcZk8DG5LnsHX5gwa_u9nxQnVJaCxmdXIAaDHDS2dL0PMBtwjd2X_dNIjaMelBwTo59gKLlHVHG9KnUbydYLMTzwy2UC0jKIig0WYMqtn-TGWLegLQXnuzdAO1z_g-ThM9wPhNq3H5BgDTQ63tsyRX9lY_eZ7nkecTKkMSwuitRHm_lZ_RcHVnd0lvVXz_qZkJXMGkINtXAR4kmGqNyu5PDTxXSbvgUvpYH0BhElbDlJGnJGEwmSClvN6HFoL65SOcF6qpbZqoP8xbIu3HDLw-nbFAzvh-mjO8rFkp6FIjcI6aeroWZB35Tv8k4l8iU3cWum2zr9bFO4G0WNLzBKtu3vH31iAwa-VPri87L1fP_yfoHvFlu3V5rEzq2f9uBrfjy7gBkTBmmOGrcBmTsge43XoXP30njvbbGl7XSeTLZS3zlckkBwDnyVO-HW74pz_MvvybHjVKlj46Xv8RSg3_kH6N3V7qqXJQTy-dJUdkakGNzRC1Bh2fbY7W-IYcTFWLZt_aBVvnuSKvj_WP7uxhAkksCsOTV1Cs3bKpoRCApE_aSjbqvpM6JnIKRddZy9yFMnfjU0IuWCkQ6CcjgpjU_AghgR_LvGzkx-mTtFf77gAIdrMls2Vh5pamfXh5LXwQrIGzd_fjaHVhPkTnhFIWWAkr6jQvzo5nKPUb1djemtoiTcdfobN1OtrvseR7HcwvXeNrnHi_OnZOP_HCiLYSaV8TMCN6Cbp-0BksCuf0UaVWCiae8xqN7HP4Sf4whWWYhjRDBC6FYe01CDE6OVdxERO_RoTnGYIzkwlXa0yqFuzYaLw7b27HDpxxNSUoN1cEIA6inykrtEqBuMr83py2Q==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178952655559168&eclog=0&im=1 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerBuypass AS-983163327 Subject Fingerprint96:80:FC:87:80:4A:3B:59:5A:2E:82:5A:B8:1D:9D:47:78:21:AA:66 ValidityWed, 01 May 2024 14:41:50 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=2020090&pb=ee275597fdae6f8dc4785cf27148bf7e1715142007&psp=26zbXIJOhqKhsauvXGOUbHV7fcqtDPyvmOoPG_keUry9sCrCZ4azgIWdrxS2Me0QoEVmMwxOsB1bR0Ys17yx3TvBxuKARbska_imXFnbOzihJBYMuWb1liytzRGXPV3vXhPe0Gwl_cTTMFPDEq7V5vst3_e4DK9VlIG-P6MfCtYXfcK-iSETz28RmrkRVBLH2Z1FeF8rMz4aksYeCg3CoFiFHqW-XWT22h5FPHRKpYCrfvZPRO7pieaCKhpXTLQPFsCP7ixWagDGWI3hHjcvUeTntmV_9dujfWxlYv3yHx5h6XU3e16QBFcPgMXPDbaJGBIqvpeZ3mv44tk2lbiHQZ5CTzHPGO9mq_zfKseb8nFE0nkXugUw4b0Z12YLV1eusEa9cPFRVr2mRFs5Thhd3ByBgnocRXJq5qVvTTunEd9a4KTYA23a7cB8WR5rSLhuhDEAZvIxxcc0hdhXkPb5_ACYBASLOcLSkN8DCSEbtHB-HcruE7I5gUR27sYFj8sTY54ahsoRX3rWoe9CsLJKvMLLhbNmavz5CApw_e7RKdPN58I8WFDmlZf4B3Hoz93XFIiEm8KxHBUMqhUY4odir_M1wlETY8metJpLe0LR_bf2D1tSJyf2Aa0xtYO8rEQwrbuCYR0R_46M7jb-yrP4kFi-8DYBwHGz1s3KIsh7aRZI1nUPO08o2TtfvWMJH02Ott8-fYIHWsYRFF70v5KIGrT4h8ORVhYzG8VTOpe7WAonLbgIDkRuvh8-jqixbQW6oBDFboTz395H82p-GzDAJneeHir2IRW_cqJK4KL8QuBKGloOHG7tvnEAm4ZSw_vpWTtZxLocoopBOyLld_0vmafif5fg9xPWNM4caSVNRo7TqpE_8QDwdeQW93YT_qPD9gHgGGI4s7tTV6UjufjF9eehx7FgoYG2fHCmtkaxhYgkIBg4M_qfGk133q5EZ9BlPTT7eDb1uaCVnF2BbudlJl28NOcgnZnGzRphO0OLqhtSFRzvuCktwSB-IQ63TaFypumNkVYB2iEA4oV8Rn4C5_HtgQ0r-R3JLibXx5XQWa4uC0jAlUHPvvyI1f0WZU3MnzcG113Jb4bSHZbuImq3j1FbcnTCFrAYpG9N0Pux-OvpNKQ0oLNJGPT3YqWmVMIrsToxEVOCeN77_PulSp0Oi2v0XFuoGKs4DfDsVq_0n05MU7RZKl0c3j-wPmVOM7PiCYu4ex-G5-4YsXB9MWY1e2m_q4EGsbj-u8tK9Cl-LtHtyJD7r_G81BLiqYxk68DxrB7DL9czyICeGg0tZYE_utuV-GxqoyIZq-hXAgJjm181tCUfYaCSRE5DXymGlL1alpAlW6aDwTLzxFaFCzZKinOULXw8NDnh709NN2Tw91fddGEy_zd4rH41GGka7sd_d_00GCo2vQv8mdTKl_DtkP_RXWs6m7I49-LQlL8Ix3CMDxNx36S_lAqcTWplcEnHH8tLzauhZPARmrBIiVI1OGchp8xatUS_kEHEB5yiiTDgcwr9hsGHdNwZ8mhL7Urm2K-ZCug4hQEfz6PP0T8AtbpzsdhnFdt5OjpS_uYyUh2kuTT_eM73iOTrXXDwOWJE7VgZs11QP86ajoLs2UsYCHb2_vKpNru9O-zkgPf0IIlK4OmGEC2pRday232yrhASaV9-Nbr0NiTffM9TrE37qHwGsIYHvRCpcae6fqJxhlfRDHliMkqF39ECg61orJDaZYLmjcVQITQF-ak-C-7e0Fi9IYR_MkOuPjIAIzKNB5xw7RzyoKjDLDWOlZ8sbLE49GUt2IKI5sXSlYVNEDSh2IaZUpaAZ4VTRcJwnLLQ2meDAE6yCf8dyam2whuA9bdCdRoHXdBE0vgM66JrXRuy6q1PaW4g3ir-CFSGTvHZDFZSOAKXC_PazxnrhwmqKPak_vZ9MhytNN71DQP81itkGnNnrE5t19W4ofXl4jy-cO1-xQVOHYJGiK95TOZPvCTlICXQyufqINiDz4r6mE1t8cscjIlxXGWScmV7DJcab5K8mQN-2OiET9H4hHtV0uETs1r4OGTXdxRf3_qslBCglesvyh7-vG5b43GujlNb5Yi8ZQy83zqdecwcre_i7HmUzBJIoJLuKLmBV0SbUFAo092TzMJmlf0mpvXdgaZMic5zA_qaD6NEywWbnZVebVODQlFZXosuoPdrXvjoR8RYMEAc5EKGIuQ-rEDy02W4pAqfcUNYDvE-iHDyzk9oAShyCZ68XLpx-ndyxWLoo1oy-s_62OJxfxi33peHzpHxoF_jG3V39ckiRrbl9kQ3h0Ts6WOqdDDaileG6Yw_wf8jlPEXKarXtpHsCMvYkiG_jf-7DizK9nAzFde6GNoR4x7KL00Wxkgk-QER4BaX-IsQuLpLdqlkc0mpOKba6lVurqBtF9cW8nmWfYXXeoZ4NL4CxhXkZda28pOxvcVcYmKvJbZndAJPnMe4raJArijKpLptBfYhVdSs0-UipwXA_eqWr2W4N0QGkTDB8qmzSQv2cvZXIp59hDSxjRfNT5PxHSyJr0pA_AkFpDs79HCTIIMy9OmWtIO-qOHEmTdH8epAxBQmVTpBv7qmZupKWOHm7C0bI3CPprMFLbKYKOhiFH8mnC4L14UCgT_OGVvHKWTZ7CXH2glEz7nNOlpDSI-k_QwrlkNunmJnYhgjmloEzChp4Fvd9U24Nzn23wvK9T-qBNkYSXcDj9F42ud0E2atGq9oZpAFaWSlY966D4ChS9MLW2EBaABdkKL7yYM6FJ3D4bHadBvex4Erse5CNqpJCK-z-l5Rr0LN4e_1IJFiw8kVGdL6j2FdhGg3L20GoKofiEBM0v4ucxbw3o4rIi6h7MS450oeDOuFEi1n9ok0MNE4Kfe2huQU65s1AXZnOThHqmo0PwOucoMUuuWkQU_5-kp-HUJbXRZWyQbbrhe6fTlF6YeUCzJJfKyMRv0YN5mh9y22S3GoAKoIbuDxcngz-k2ct4Ytx6J8bqDEqj3BxoIeeVRCvF-Q35ssw3odQWKlw8G3k87kQgO6haKc8ArVsFLp_JAlK4D13IHITTPwh3vgWi8vbJuKZjqUDEUhYzD-ZY01911ZdVejIcBdD2I1WhcgVWqaM91_U2K4Y8ZRTaHP3tw9CjA8J04PWwSzVAJOOAuo-pi54kJ7HOc5x5fqdz5QKmajHcYmgvxFkwx8foGDx6hJX7s7y_kwynzhQqHhpWqrYJMekogWI1qkPWszEjJ-8gSo1XRlP3H67jpBcZk8DG5LnsHX5gwa_u9nxQnVJaCxmdXIAaDHDS2dL0PMBtwjd2X_dNIjaMelBwTo59gKLlHVHG9KnUbydYLMTzwy2UC0jKIig0WYMqtn-TGWLegLQXnuzdAO1z_g-ThM9wPhNq3H5BgDTQ63tsyRX9lY_eZ7nkecTKkMSwuitRHm_lZ_RcHVnd0lvVXz_qZkJXMGkINtXAR4kmGqNyu5PDTxXSbvgUvpYH0BhElbDlJGnJGEwmSClvN6HFoL65SOcF6qpbZqoP8xbIu3HDLw-nbFAzvh-mjO8rFkp6FIjcI6aeroWZB35Tv8k4l8iU3cWum2zr9bFO4G0WNLzBKtu3vH31iAwa-VPri87L1fP_yfoHvFlu3V5rEzq2f9uBrfjy7gBkTBmmOGrcBmTsge43XoXP30njvbbGl7XSeTLZS3zlckkBwDnyVO-HW74pz_MvvybHjVKlj46Xv8RSg3_kH6N3V7qqXJQTy-dJUdkakGNzRC1Bh2fbY7W-IYcTFWLZt_aBVvnuSKvj_WP7uxhAkksCsOTV1Cs3bKpoRCApE_aSjbqvpM6JnIKRddZy9yFMnfjU0IuWCkQ6CcjgpjU_AghgR_LvGzkx-mTtFf77gAIdrMls2Vh5pamfXh5LXwQrIGzd_fjaHVhPkTnhFIWWAkr6jQvzo5nKPUb1djemtoiTcdfobN1OtrvseR7HcwvXeNrnHi_OnZOP_HCiLYSaV8TMCN6Cbp-0BksCuf0UaVWCiae8xqN7HP4Sf4whWWYhjRDBC6FYe01CDE6OVdxERO_RoTnGYIzkwlXa0yqFuzYaLw7b27HDpxxNSUoN1cEIA6inykrtEqBuMr83py2Q==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178952655559168&eclog=0&im=1 HTTP/1.1
Host: mpougdusr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=2405072120d964e35ea4144f41a4777ab073
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:20:09 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACl2VgAAAAAAAAAB; Path=/; Expires=Fri, 07 Jun 2024 02:20:09 GMT; Secure; SameSite=None
OACIBLOCK=ACl2VgAAAABmOtyg; Path=/; Expires=Fri, 07 Jun 2024 02:20:09 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 | 104.16.80.73 | 200 OK | 7.1 kB |
URL GET HTTP/2static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 IP104.16.80.73:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjectcloudflareinsights.com Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00 ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT
File typegzip compressed data, from Unix Hash663fc6e352e2b5bbff24cc82970eef7c 37e5ba01f10e8ccbb72a0194ab2fca7cee89534b 89d4132eaa360f086cc2261fe6927ba75d6ec965401446a1a6e77d2e9acbcee7
GET /beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:06 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.1"
last-modified: Mon, 06 May 2024 19:01:13 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805f7f9f86356be-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=161855 | 157.90.84.242 | 204 No Content | 0 B |
URL OPTIONS HTTP/1.1fp.metricswpsh.com/fp?tag_id=161855 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=161855 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Wed, 08 May 2024 02:20:09 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.amdahost.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
|
|
| fp.metricswpsh.com/fp?tag_id=179977 | 157.90.84.242 | 200 OK | 0 B |
URL POST HTTP/1.1fp.metricswpsh.com/fp?tag_id=179977 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=179977 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Wed, 08 May 2024 02:20:09 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.amdahost.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
|
|
| fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap | 142.250.74.106 | 200 OK | 364 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hashc360874f388163a72d892d9d986ee50c 33d31068b716045543955929ca98b8a073111e43 b8588b441cd046cc43fcf1541b059fb8f5d84506adf68d5f8109eb6e37263422
GET /css2?family=Poppins:wght@600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 02:20:06 GMT
date: Wed, 08 May 2024 02:20:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=161855 | 157.90.84.242 | 204 No Content | 58 B |
URL OPTIONS HTTP/1.1fp.metricswpsh.com/fp?tag_id=161855 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash87385fcd2a67fc74d2fa67366ba68ea2 a604cdbb1d31ce257e8643eee9219c9c724c200c 9307cbb21345500294eae459b18a8ffb2bd2fcccd928a09efbc1e324fa9c9995
POST /fp?tag_id=161855 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1836
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 08 May 2024 02:20:09 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.amdahost.com
Set-Cookie: id=8506014702706264580; Expires=Thu, 08 May 2025 02:20:09 GMT; Secure; SameSite=None
Vary: Origin
|
|
| b57dqedu4.com/t/9/fret/meow4/2020088/0d68ddef.js | 212.117.190.201 | 200 OK | 40 kB |
URL GET HTTP/2b57dqedu4.com/t/9/fret/meow4/2020088/0d68ddef.js IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerBuypass AS-983163327 Subject Fingerprint17:76:24:C2:1F:79:27:A6:BF:60:AC:48:E1:7E:44:F5:FA:36:EB:6B ValidityWed, 01 May 2024 14:25:07 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typeJavaScript source, ASCII text, with very long lines (65106) Hash5c1245ce45f7e0a8ff772bf695857a27 fad29ae9877616251044562b679427d9450199f7 9eee888953ac3827e3a1951d646e67fd6c34a47c7f4ff861c8b875218889513b
GET /t/9/fret/meow4/2020088/0d68ddef.js HTTP/1.1
Host: b57dqedu4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:20:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-1a022"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| nereserv.com/in/dip?event_id=5f2cd5c6-38c6-438a-8d81-d3e3758efbcc&subid=14364679&spot_id=560192&created_at=2024-05-08&timezone=0&ver=1.141.0 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/2nereserv.com/in/dip?event_id=5f2cd5c6-38c6-438a-8d81-d3e3758efbcc&subid=14364679&spot_id=560192&created_at=2024-05-08&timezone=0&ver=1.141.0 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?event_id=5f2cd5c6-38c6-438a-8d81-d3e3758efbcc&subid=14364679&spot_id=560192&created_at=2024-05-08&timezone=0&ver=1.141.0 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 08 May 2024 02:20:09 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=179977 | 157.90.84.242 | 200 OK | 58 B |
URL POST HTTP/1.1fp.metricswpsh.com/fp?tag_id=179977 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash87385fcd2a67fc74d2fa67366ba68ea2 a604cdbb1d31ce257e8643eee9219c9c724c200c 9307cbb21345500294eae459b18a8ffb2bd2fcccd928a09efbc1e324fa9c9995
POST /fp?tag_id=179977 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1836
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 08 May 2024 02:20:09 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.amdahost.com
Set-Cookie: id=15144469824399726452; Expires=Thu, 08 May 2025 02:20:09 GMT; Secure; SameSite=None
Vary: Origin
|
|
| 82c39cef22.0a3036d0e7.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNzM2ODc2NzkzOTc0Njc2MzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4xIiwidGFnX2lkIjoxNjE4NTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC41OCwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== | 45.133.44.53 | 200 OK | 0 B |
URL GET HTTP/282c39cef22.0a3036d0e7.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNzM2ODc2NzkzOTc0Njc2MzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4xIiwidGFnX2lkIjoxNjE4NTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC41OCwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subject82c39cef22.0a3036d0e7.com FingerprintB5:63:82:89:FA:3B:23:EC:39:BF:44:83:B4:62:4A:8F:5D:11:9D:38 ValiditySun, 05 May 2024 02:50:23 GMT - Sat, 03 Aug 2024 02:50:22 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNzM2ODc2NzkzOTc0Njc2MzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4xIiwidGFnX2lkIjoxNjE4NTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC41OCwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== HTTP/1.1
Host: 82c39cef22.0a3036d0e7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:09 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?userId=o7ft575140je452692623f3b9fywj863 | 139.45.195.8 | 200 OK | 65 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=o7ft575140je452692623f3b9fywj863 IP139.45.195.8:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash6db5485438f76c7562a545aa193dbcbb 394fda199666cf5596ad89b70f0317d208834054 8f0dbcc333b40f6b2a31ffef1fda498727672a50b10e9363f93eb8ca48167d99
GET /gid.js?userId=o7ft575140je452692623f3b9fywj863 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:20:10 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.amdahost.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=o7ft575140je452692623f3b9fywj863; expires=Thu, 08 May 2025 02:20:10 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| mbddip.com/in/dip?site=native-push&wl=1&event_id=42540b9d-932f-4824-9e32-76fc92bb20e4&subid=1211831614&sid=860202703&spot_id=560190&created_at=2024-05-08&timezone=0&ver=8.159.0&is_native=1 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/2mbddip.com/in/dip?site=native-push&wl=1&event_id=42540b9d-932f-4824-9e32-76fc92bb20e4&subid=1211831614&sid=860202703&spot_id=560190&created_at=2024-05-08&timezone=0&ver=8.159.0&is_native=1 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=42540b9d-932f-4824-9e32-76fc92bb20e4&subid=1211831614&sid=860202703&spot_id=560190&created_at=2024-05-08&timezone=0&ver=8.159.0&is_native=1 HTTP/1.1
Host: mbddip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 08 May 2024 02:20:10 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| mbdippex.com/in/multy | 157.90.84.246 | 200 OK | 0 B |
IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /in/multy HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx/1.20.1
date: Wed, 08 May 2024 02:20:10 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.99 | | 471 B |
IP142.250.74.99:0
Hash5991db4ffbfc4b57b0f99a35a0e6a3d0 1b74b56ddc178de4587ef8898436cff19cc2c66b 17904ae58c5cfd605b9b96ef28a59c0b158141c0d69922267a677ff041ca24d9
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 May 2024 02:20:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| js.mbidinp.com/skins/nmain.m.js | 45.133.44.52 | 200 OK | 110 kB |
URL GET HTTP/2js.mbidinp.com/skins/nmain.m.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectjs.mbidinp.com FingerprintB8:EA:0B:88:14:F5:73:F1:FE:F1:D5:59:09:E6:70:08:F2:1C:4A:5C ValidityMon, 22 Apr 2024 03:00:30 GMT - Sun, 21 Jul 2024 03:00:29 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size110 kB (109944 bytes) Hash2902e331e5e735ad63e7510dfc434c5b 8f276d26159f74561fb370144b8cafba8bcc8bd3 26106440376cfc59241a9ef152d26483d436f1c155744bda92a41d3906e60ba2
GET /skins/nmain.m.js HTTP/1.1
Host: js.mbidinp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:10 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 12:49:54 GMT
etag: W/"661e73f2-72c69"
content-encoding: gzip
expires: Wed, 08 May 2024 02:25:10 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| mbdippex.com/in/multy | 157.90.84.246 | 200 OK | 6.0 kB |
IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashb86f75040f8793914c04c4c8a179aba5 da4c2e3a26d9f5943cde062e7e6dbf2b317d9db8 48105234b2580d9c761844592017f4d54654bda21b4c5f5fbf7acd99e6a2fef2
POST /in/multy HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2246
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 08 May 2024 02:20:10 GMT
content-type: application/json
content-length: 5955
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwewnBd3CHVY4FljwVlUifV6AY1i8blCVNSf9wdXnp1USPIbEdxV3XPuuZcegD0iZiQe8Jn2g | 64.233.165.84 | 302 Found | 428 B |
URL GET HTTP/2accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwewnBd3CHVY4FljwVlUifV6AY1i8blCVNSf9wdXnp1USPIbEdxV3XPuuZcegD0iZiQe8Jn2g IP64.233.165.84:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services Subjectaccounts.google.com Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT
File typeHTML document, ASCII text, with very long lines (406) Hashbae64861ab19bb6520eae4ed715f8845 2e914d6d465412e865eb94d24bc539b41b46ef43 1b849da8b723197e6cf22d36cd8f9f8bf26f2edee487e51f8863eab8d9bb77a6
GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwewnBd3CHVY4FljwVlUifV6AY1i8blCVNSf9wdXnp1USPIbEdxV3XPuuZcegD0iZiQe8Jn2g HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:5y1UpAj5ek_TMd5A3YPR98PNZzCgjA:RtrtpNH34V5NNUAi;Path=/;Expires=Fri, 08-May-2026 02:20:10 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 02:20:10 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzRavSterGnAID5zfHSl7RIFh79eh_pkq1CNb3SvVQpoJVYL5d5ydvxuVZxGTHFYlB_M5zTmA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1358285550%3A1715134810625203&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-X1-SRwxP4dfKb3HfaPFqOw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 428
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.99 | | 471 B |
IP142.250.74.99:0
Hashd59e53e22f3681f080bc6a493b7508a1 50ec966f62f5efce0a5fbea8917c5c5b025eaccf cffc1da003262cd2907f76fb611cccac521441669302d10fae3aeb0c9a81c181
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 May 2024 02:20:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| mbdippex.com/in/show/?tag_ab=d&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3Dc7c3a08a8a&refdom=www.amdahost.com&auction_time=1715134810&subid=1211831614&sid=860202703&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253Dc7c3a08a8a%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253Dc7c3a08a8a%26idzone%3D0%26sid%3D1886&icons=sQ1s_N_R48U28ApoeTZQjYR0f01g8UBp9rtHDbYvAJbrEvoFODDujwuDx1_Sd6tTe1BnxKzeycFmHotfE-crJ5b3kxZQBYgMAh2FTmrDNz4i6Tl7gVLNG9x9cUy5vnOfCQ2r4X2hw_qwLxzbiWkXHoGS4ZjFYO8WaXr4DwEJuQqcDBymxA&ext_cid=0&px_id=560190&min_cpm=0.09329738022515253&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=8117263191875138272&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.018588103250606648&cpm=0&verify_hash=eefb9a855616da81026a36ac08654018&is_native=4&real_bid=0.0005341350799710241&original_bid_usd=0.00268093&original_bid=0.00268093&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,27,20,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.00268093&hostname=auc-inpage-hz-0-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00000268093&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.06&cpa=0beb1114-f669-43f6-8cac-4883353f16f6&prev_step_diff=1094 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/2mbdippex.com/in/show/?tag_ab=d&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3Dc7c3a08a8a&refdom=www.amdahost.com&auction_time=1715134810&subid=1211831614&sid=860202703&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253Dc7c3a08a8a%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253Dc7c3a08a8a%26idzone%3D0%26sid%3D1886&icons=sQ1s_N_R48U28ApoeTZQjYR0f01g8UBp9rtHDbYvAJbrEvoFODDujwuDx1_Sd6tTe1BnxKzeycFmHotfE-crJ5b3kxZQBYgMAh2FTmrDNz4i6Tl7gVLNG9x9cUy5vnOfCQ2r4X2hw_qwLxzbiWkXHoGS4ZjFYO8WaXr4DwEJuQqcDBymxA&ext_cid=0&px_id=560190&min_cpm=0.09329738022515253&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=8117263191875138272&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.018588103250606648&cpm=0&verify_hash=eefb9a855616da81026a36ac08654018&is_native=4&real_bid=0.0005341350799710241&original_bid_usd=0.00268093&original_bid=0.00268093&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,27,20,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.00268093&hostname=auc-inpage-hz-0-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00000268093&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.06&cpa=0beb1114-f669-43f6-8cac-4883353f16f6&prev_step_diff=1094 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=d&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3Dc7c3a08a8a&refdom=www.amdahost.com&auction_time=1715134810&subid=1211831614&sid=860202703&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253Dc7c3a08a8a%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253Dc7c3a08a8a%26idzone%3D0%26sid%3D1886&icons=sQ1s_N_R48U28ApoeTZQjYR0f01g8UBp9rtHDbYvAJbrEvoFODDujwuDx1_Sd6tTe1BnxKzeycFmHotfE-crJ5b3kxZQBYgMAh2FTmrDNz4i6Tl7gVLNG9x9cUy5vnOfCQ2r4X2hw_qwLxzbiWkXHoGS4ZjFYO8WaXr4DwEJuQqcDBymxA&ext_cid=0&px_id=560190&min_cpm=0.09329738022515253&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=8117263191875138272&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.018588103250606648&cpm=0&verify_hash=eefb9a855616da81026a36ac08654018&is_native=4&real_bid=0.0005341350799710241&original_bid_usd=0.00268093&original_bid=0.00268093&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,27,20,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.00268093&hostname=auc-inpage-hz-0-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00000268093&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.06&cpa=0beb1114-f669-43f6-8cac-4883353f16f6&prev_step_diff=1094 HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 08 May 2024 02:20:10 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| mbdippex.com/in/show/?tag_ab=d&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3Dc7c3a08a8a&refdom=www.amdahost.com&auction_time=1715134810&subid=1211831614&sid=860202703&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253Dc7c3a08a8a%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=5fcbc33c86bbc49c561fd8fb36a2149b&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DQxrEUmBDdpb4NK_-VldEm9effG0D6d13J2L3NUEc4kLaFuiMj_QFo9OVL-odhixBXBfLyadEXHMRnrdKNC9vn2gfsKRWcrKfMlNqBiVlRGadGO2DQIqhpLoFtN2k2JzdI2zKJQAul7srrEY32L69qg4N-Te2BkFr6Y6PeuaL_XXlzHNy90-xUlE1Ak5ldD2cVmxSLyQPyn-_cGRZ_4yVeHkSd9X-ehiz2WfkXlbI-WJtBp8VtaDAERzTiD2qZURIClW2AzVycGAZXKm7ShQTVRwSxQ4JZZS1vQalWYF6c-u51X61PP4N7FaYE_Ku-aNUuiVMiVXR_RrI3kpEHaffFN_iCs8aboyzAWxaiJ4BLF69BoItEKpUaRErN0iXrMcAOuZrRC_WhXqylSWj2IOhMYlGYz4JUWnQGKWHS6A5aSy1djzeFGJajca8vZ88daFyqXukwCPDQGr7oxyRtr1ufPoFKqs2-dkKEJAOoqt4OuSEuKx_MHq0zdaI5F__EJfg51dcYHUMY9VVv3f-Wd8n7lfkEkrG_KiA0QCJkoVd7As34pLDCLj29KI6Njp4OQV8YokltFuaz1ED16Ww94zOOgvlzeT8JFQktiJONXvHmWI3gdtGIi4xEiNU7QO4JaxzfupHJSYKO-0q3eNG4ntjaqFOGtPxbC7LeG17FXERS8eZRJvxWZpZRJtIn31JaksJZOJ7Ku6ghMJSBSI0GboDT6D9RFqT6gmTDmUKup7-phzYbEQlOduZBHFZnX1iCF_t5O8LMOK9C5lM8X6GYGrQ7hAb6OrWrQ2HlrC6p-z663-VYmwwmRpF9reNCH-LYFt6dVSD3E6uBmadknSvGX10wQUQGn3fBQpmHZ2VLxUpoW1u-w8-KlMflZxcMK3xi1sIRdZrQuckaHf9_V2IH1OJXcdll8MKVKE3_nHdxqSlvTqgi7F3nZwJ9LaoXznLCYDyo3hbq4o2atD1s1BKDRwXUoQzIEtu2GMi7jh1YJD9z0U4FoGOn7lYGseGvngBW4sDwCkpc0DlBEYRavxxAvGyK4kqa0jd0eJ26-NAS-zKc1n28uv5iq8aXyorfY7s6QPp7rVi-2rZIyHfQI8mU8pDaVQBxV-AxxMnGXrAEGeM2mZhOy-tEe6cYpM0Uoy3YnTYgveKjujpeu_QrZuRTAvS1CSBtplBwAAReyvYXrniiKFK4iT6zN4qhFpkQdvtPjBGV1snGZBVPgNiJjE-d9imRqaiSqXZJWwDnG-FMHin4JWbUXVsT2wVGw-o8exFLp1p2EUVobw8YGuwgFrAwm-Q3l5PLHgJpd8-hDBcjBmmvqMh__4y%26bid%3D0.021892081860232598&icons=FjuqW8Vy2XBocOWch7m7Ovq3u1hLBQAiIq9Y4ZZ-cFD3An422QRQfILw6qB0CmNhsgkAxnls0XsB54og3nOqoiekRCIQgQMjeYMnL17Jw8Mnco3g5rfsXfNW4Cab75oVHc7SyOHAWsI6wdRyChEdVRqrPcDTBX56-o0bH75_jb8GQBn-YDDVi6b5a-4qmTP_4DoH5Lb-W5lbkcptmYlKCY1aX4gjPrmsMbT2gHKLA1j-nwit9GViffTuo5c8pF55avXdZ3Kaye_RyreCVQepwyERc6aJM4hncYAY80eY-UUCAUAmJJGJ-VZgSLCdJpdjMPrKCibORPy26M522L32L2mF3RgtW4bU5x9kECzacOJk-BZCq67FZT65nQDeqqvOpSr7dteH9bH_2fhpjTfz11XXvqpeZrWioAIp7HSUI7qcrbn2UxPJB9IrGIVlz6-OLKJF-GJCM6uImVTlutFpnddFWVMlnDLoKhEleGHrahYaXFwXSnIxVBMOB8t0vE22c5IqLOd95JOJrko6dI4nmTJhLcy4j3vC6asFrICz2K9lJwDwCztHIJA9yM_13Jt9NS1CHlYyBuerhsE7PzxgeLODOmmT8YRPNQnwz-hbgNTJX4MLT9JLTNhw5IsgcHqMLgOVe9ky7SshhIco2VDD6cH74DdD8BXM3-PAdbzyeuQkL9GiOQlEu_WWZiFoW5tNi_sOaUcOaS-isGDJ-Fmhi-JPovYXvK4X0kzouN-2BGtt61dq7Y1199TLnTqZyGDhG9s8v36fCQVbR92-sIcSdo7qQ5-lQAjggPK2K8Afq1SRrXjXMEWAa9vTq40jOb-NGGGH_X-7Y_SrzLcwNiHKQ7GjGYm3pzC-VDDDAgolqshwPrd59C8W3VpX5kn3r23XB6TsW2M_dn4TQMJoVtJdDjTjCgWnPCjewCggZ7vjWBFz9n_ozxAYFYI0bmleqXfaEG2A-DU9sW-PszCgNypF9vXR_0PE7I5pbgw9R0fcn2FC2Aw0SRW0cbRl4OGl6mGpZZsPaLlx4kgpxNKaWDc64qQhnGnOP8IedbLkB7_Wo-yM4_o1znpQL7e-mfm0dbke8bRYOnnJLFtmJgcbx1TjuWlJqRYRqAhEAmAGTyimCtLbCkfb0mbkblL730Q55k9-dCsFjrnZdjoqqLLkMtBsRWnP1SiXtA0I7EJZGEazswwk9MP-3t5RIfXDxUxKXRxdvlXdFIW7gnKZtCEwx7wCIOevan86rMXdK0Pjb0OLf5FhTNWB8gC8fcYn51cnu35tGEsRdSZDVvA9pf2X2Sn7FlEduerbFu2J971w27zTJE5OoDjbH5z6&ext_cid=224906&px_id=73560190&min_cpm=0.0034945246943458496&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=8117263191875138272&skin_id=72&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.03162566010952003&cpm=0.021892081860232598&verify_hash=b31ef6355731aaf4479cab03c695f110&is_native=1&real_bid=0.02170381003139515&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=98,4,90,5,33&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=1715307610&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777184%2Fconversions%2FQ5MjCrOM-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-0-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.06&cpa=dea31cbf-28db-4d10-b901-f8c74f9d7464&prev_step_diff=1094 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/2mbdippex.com/in/show/?tag_ab=d&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3Dc7c3a08a8a&refdom=www.amdahost.com&auction_time=1715134810&subid=1211831614&sid=860202703&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253Dc7c3a08a8a%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=5fcbc33c86bbc49c561fd8fb36a2149b&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DQxrEUmBDdpb4NK_-VldEm9effG0D6d13J2L3NUEc4kLaFuiMj_QFo9OVL-odhixBXBfLyadEXHMRnrdKNC9vn2gfsKRWcrKfMlNqBiVlRGadGO2DQIqhpLoFtN2k2JzdI2zKJQAul7srrEY32L69qg4N-Te2BkFr6Y6PeuaL_XXlzHNy90-xUlE1Ak5ldD2cVmxSLyQPyn-_cGRZ_4yVeHkSd9X-ehiz2WfkXlbI-WJtBp8VtaDAERzTiD2qZURIClW2AzVycGAZXKm7ShQTVRwSxQ4JZZS1vQalWYF6c-u51X61PP4N7FaYE_Ku-aNUuiVMiVXR_RrI3kpEHaffFN_iCs8aboyzAWxaiJ4BLF69BoItEKpUaRErN0iXrMcAOuZrRC_WhXqylSWj2IOhMYlGYz4JUWnQGKWHS6A5aSy1djzeFGJajca8vZ88daFyqXukwCPDQGr7oxyRtr1ufPoFKqs2-dkKEJAOoqt4OuSEuKx_MHq0zdaI5F__EJfg51dcYHUMY9VVv3f-Wd8n7lfkEkrG_KiA0QCJkoVd7As34pLDCLj29KI6Njp4OQV8YokltFuaz1ED16Ww94zOOgvlzeT8JFQktiJONXvHmWI3gdtGIi4xEiNU7QO4JaxzfupHJSYKO-0q3eNG4ntjaqFOGtPxbC7LeG17FXERS8eZRJvxWZpZRJtIn31JaksJZOJ7Ku6ghMJSBSI0GboDT6D9RFqT6gmTDmUKup7-phzYbEQlOduZBHFZnX1iCF_t5O8LMOK9C5lM8X6GYGrQ7hAb6OrWrQ2HlrC6p-z663-VYmwwmRpF9reNCH-LYFt6dVSD3E6uBmadknSvGX10wQUQGn3fBQpmHZ2VLxUpoW1u-w8-KlMflZxcMK3xi1sIRdZrQuckaHf9_V2IH1OJXcdll8MKVKE3_nHdxqSlvTqgi7F3nZwJ9LaoXznLCYDyo3hbq4o2atD1s1BKDRwXUoQzIEtu2GMi7jh1YJD9z0U4FoGOn7lYGseGvngBW4sDwCkpc0DlBEYRavxxAvGyK4kqa0jd0eJ26-NAS-zKc1n28uv5iq8aXyorfY7s6QPp7rVi-2rZIyHfQI8mU8pDaVQBxV-AxxMnGXrAEGeM2mZhOy-tEe6cYpM0Uoy3YnTYgveKjujpeu_QrZuRTAvS1CSBtplBwAAReyvYXrniiKFK4iT6zN4qhFpkQdvtPjBGV1snGZBVPgNiJjE-d9imRqaiSqXZJWwDnG-FMHin4JWbUXVsT2wVGw-o8exFLp1p2EUVobw8YGuwgFrAwm-Q3l5PLHgJpd8-hDBcjBmmvqMh__4y%26bid%3D0.021892081860232598&icons=FjuqW8Vy2XBocOWch7m7Ovq3u1hLBQAiIq9Y4ZZ-cFD3An422QRQfILw6qB0CmNhsgkAxnls0XsB54og3nOqoiekRCIQgQMjeYMnL17Jw8Mnco3g5rfsXfNW4Cab75oVHc7SyOHAWsI6wdRyChEdVRqrPcDTBX56-o0bH75_jb8GQBn-YDDVi6b5a-4qmTP_4DoH5Lb-W5lbkcptmYlKCY1aX4gjPrmsMbT2gHKLA1j-nwit9GViffTuo5c8pF55avXdZ3Kaye_RyreCVQepwyERc6aJM4hncYAY80eY-UUCAUAmJJGJ-VZgSLCdJpdjMPrKCibORPy26M522L32L2mF3RgtW4bU5x9kECzacOJk-BZCq67FZT65nQDeqqvOpSr7dteH9bH_2fhpjTfz11XXvqpeZrWioAIp7HSUI7qcrbn2UxPJB9IrGIVlz6-OLKJF-GJCM6uImVTlutFpnddFWVMlnDLoKhEleGHrahYaXFwXSnIxVBMOB8t0vE22c5IqLOd95JOJrko6dI4nmTJhLcy4j3vC6asFrICz2K9lJwDwCztHIJA9yM_13Jt9NS1CHlYyBuerhsE7PzxgeLODOmmT8YRPNQnwz-hbgNTJX4MLT9JLTNhw5IsgcHqMLgOVe9ky7SshhIco2VDD6cH74DdD8BXM3-PAdbzyeuQkL9GiOQlEu_WWZiFoW5tNi_sOaUcOaS-isGDJ-Fmhi-JPovYXvK4X0kzouN-2BGtt61dq7Y1199TLnTqZyGDhG9s8v36fCQVbR92-sIcSdo7qQ5-lQAjggPK2K8Afq1SRrXjXMEWAa9vTq40jOb-NGGGH_X-7Y_SrzLcwNiHKQ7GjGYm3pzC-VDDDAgolqshwPrd59C8W3VpX5kn3r23XB6TsW2M_dn4TQMJoVtJdDjTjCgWnPCjewCggZ7vjWBFz9n_ozxAYFYI0bmleqXfaEG2A-DU9sW-PszCgNypF9vXR_0PE7I5pbgw9R0fcn2FC2Aw0SRW0cbRl4OGl6mGpZZsPaLlx4kgpxNKaWDc64qQhnGnOP8IedbLkB7_Wo-yM4_o1znpQL7e-mfm0dbke8bRYOnnJLFtmJgcbx1TjuWlJqRYRqAhEAmAGTyimCtLbCkfb0mbkblL730Q55k9-dCsFjrnZdjoqqLLkMtBsRWnP1SiXtA0I7EJZGEazswwk9MP-3t5RIfXDxUxKXRxdvlXdFIW7gnKZtCEwx7wCIOevan86rMXdK0Pjb0OLf5FhTNWB8gC8fcYn51cnu35tGEsRdSZDVvA9pf2X2Sn7FlEduerbFu2J971w27zTJE5OoDjbH5z6&ext_cid=224906&px_id=73560190&min_cpm=0.0034945246943458496&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=8117263191875138272&skin_id=72&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.03162566010952003&cpm=0.021892081860232598&verify_hash=b31ef6355731aaf4479cab03c695f110&is_native=1&real_bid=0.02170381003139515&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=98,4,90,5,33&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=1715307610&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777184%2Fconversions%2FQ5MjCrOM-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-0-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.06&cpa=dea31cbf-28db-4d10-b901-f8c74f9d7464&prev_step_diff=1094 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=d&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3Dc7c3a08a8a&refdom=www.amdahost.com&auction_time=1715134810&subid=1211831614&sid=860202703&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253Dc7c3a08a8a%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=5fcbc33c86bbc49c561fd8fb36a2149b&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DQxrEUmBDdpb4NK_-VldEm9effG0D6d13J2L3NUEc4kLaFuiMj_QFo9OVL-odhixBXBfLyadEXHMRnrdKNC9vn2gfsKRWcrKfMlNqBiVlRGadGO2DQIqhpLoFtN2k2JzdI2zKJQAul7srrEY32L69qg4N-Te2BkFr6Y6PeuaL_XXlzHNy90-xUlE1Ak5ldD2cVmxSLyQPyn-_cGRZ_4yVeHkSd9X-ehiz2WfkXlbI-WJtBp8VtaDAERzTiD2qZURIClW2AzVycGAZXKm7ShQTVRwSxQ4JZZS1vQalWYF6c-u51X61PP4N7FaYE_Ku-aNUuiVMiVXR_RrI3kpEHaffFN_iCs8aboyzAWxaiJ4BLF69BoItEKpUaRErN0iXrMcAOuZrRC_WhXqylSWj2IOhMYlGYz4JUWnQGKWHS6A5aSy1djzeFGJajca8vZ88daFyqXukwCPDQGr7oxyRtr1ufPoFKqs2-dkKEJAOoqt4OuSEuKx_MHq0zdaI5F__EJfg51dcYHUMY9VVv3f-Wd8n7lfkEkrG_KiA0QCJkoVd7As34pLDCLj29KI6Njp4OQV8YokltFuaz1ED16Ww94zOOgvlzeT8JFQktiJONXvHmWI3gdtGIi4xEiNU7QO4JaxzfupHJSYKO-0q3eNG4ntjaqFOGtPxbC7LeG17FXERS8eZRJvxWZpZRJtIn31JaksJZOJ7Ku6ghMJSBSI0GboDT6D9RFqT6gmTDmUKup7-phzYbEQlOduZBHFZnX1iCF_t5O8LMOK9C5lM8X6GYGrQ7hAb6OrWrQ2HlrC6p-z663-VYmwwmRpF9reNCH-LYFt6dVSD3E6uBmadknSvGX10wQUQGn3fBQpmHZ2VLxUpoW1u-w8-KlMflZxcMK3xi1sIRdZrQuckaHf9_V2IH1OJXcdll8MKVKE3_nHdxqSlvTqgi7F3nZwJ9LaoXznLCYDyo3hbq4o2atD1s1BKDRwXUoQzIEtu2GMi7jh1YJD9z0U4FoGOn7lYGseGvngBW4sDwCkpc0DlBEYRavxxAvGyK4kqa0jd0eJ26-NAS-zKc1n28uv5iq8aXyorfY7s6QPp7rVi-2rZIyHfQI8mU8pDaVQBxV-AxxMnGXrAEGeM2mZhOy-tEe6cYpM0Uoy3YnTYgveKjujpeu_QrZuRTAvS1CSBtplBwAAReyvYXrniiKFK4iT6zN4qhFpkQdvtPjBGV1snGZBVPgNiJjE-d9imRqaiSqXZJWwDnG-FMHin4JWbUXVsT2wVGw-o8exFLp1p2EUVobw8YGuwgFrAwm-Q3l5PLHgJpd8-hDBcjBmmvqMh__4y%26bid%3D0.021892081860232598&icons=FjuqW8Vy2XBocOWch7m7Ovq3u1hLBQAiIq9Y4ZZ-cFD3An422QRQfILw6qB0CmNhsgkAxnls0XsB54og3nOqoiekRCIQgQMjeYMnL17Jw8Mnco3g5rfsXfNW4Cab75oVHc7SyOHAWsI6wdRyChEdVRqrPcDTBX56-o0bH75_jb8GQBn-YDDVi6b5a-4qmTP_4DoH5Lb-W5lbkcptmYlKCY1aX4gjPrmsMbT2gHKLA1j-nwit9GViffTuo5c8pF55avXdZ3Kaye_RyreCVQepwyERc6aJM4hncYAY80eY-UUCAUAmJJGJ-VZgSLCdJpdjMPrKCibORPy26M522L32L2mF3RgtW4bU5x9kECzacOJk-BZCq67FZT65nQDeqqvOpSr7dteH9bH_2fhpjTfz11XXvqpeZrWioAIp7HSUI7qcrbn2UxPJB9IrGIVlz6-OLKJF-GJCM6uImVTlutFpnddFWVMlnDLoKhEleGHrahYaXFwXSnIxVBMOB8t0vE22c5IqLOd95JOJrko6dI4nmTJhLcy4j3vC6asFrICz2K9lJwDwCztHIJA9yM_13Jt9NS1CHlYyBuerhsE7PzxgeLODOmmT8YRPNQnwz-hbgNTJX4MLT9JLTNhw5IsgcHqMLgOVe9ky7SshhIco2VDD6cH74DdD8BXM3-PAdbzyeuQkL9GiOQlEu_WWZiFoW5tNi_sOaUcOaS-isGDJ-Fmhi-JPovYXvK4X0kzouN-2BGtt61dq7Y1199TLnTqZyGDhG9s8v36fCQVbR92-sIcSdo7qQ5-lQAjggPK2K8Afq1SRrXjXMEWAa9vTq40jOb-NGGGH_X-7Y_SrzLcwNiHKQ7GjGYm3pzC-VDDDAgolqshwPrd59C8W3VpX5kn3r23XB6TsW2M_dn4TQMJoVtJdDjTjCgWnPCjewCggZ7vjWBFz9n_ozxAYFYI0bmleqXfaEG2A-DU9sW-PszCgNypF9vXR_0PE7I5pbgw9R0fcn2FC2Aw0SRW0cbRl4OGl6mGpZZsPaLlx4kgpxNKaWDc64qQhnGnOP8IedbLkB7_Wo-yM4_o1znpQL7e-mfm0dbke8bRYOnnJLFtmJgcbx1TjuWlJqRYRqAhEAmAGTyimCtLbCkfb0mbkblL730Q55k9-dCsFjrnZdjoqqLLkMtBsRWnP1SiXtA0I7EJZGEazswwk9MP-3t5RIfXDxUxKXRxdvlXdFIW7gnKZtCEwx7wCIOevan86rMXdK0Pjb0OLf5FhTNWB8gC8fcYn51cnu35tGEsRdSZDVvA9pf2X2Sn7FlEduerbFu2J971w27zTJE5OoDjbH5z6&ext_cid=224906&px_id=73560190&min_cpm=0.0034945246943458496&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=8117263191875138272&skin_id=72&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.03162566010952003&cpm=0.021892081860232598&verify_hash=b31ef6355731aaf4479cab03c695f110&is_native=1&real_bid=0.02170381003139515&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=98,4,90,5,33&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=1715307610&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777184%2Fconversions%2FQ5MjCrOM-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-0-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.06&cpa=dea31cbf-28db-4d10-b901-f8c74f9d7464&prev_step_diff=1094 HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 08 May 2024 02:20:10 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp | 45.133.44.24 | 200 OK | 1.1 kB |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp IP45.133.44.24:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp Hash2a11e13b2bd67bb9a6cb347d7c73df13 b85460a33f9b229f42c08a6a94ae433a4d5c32ab 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:10 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Thu, 08 May 2025 02:20:10 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.06&cpa=a0784a67-a537-461a-91c9-1b34e870b054&prev_step_diff=1094 | 45.133.44.24 | 200 OK | 486 B |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.06&cpa=a0784a67-a537-461a-91c9-1b34e870b054&prev_step_diff=1094 IP45.133.44.24:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hashceeb4e8840c24621c0e0352b42b38a5b 03cbceb0134a39267014595938705e2916580644 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.06&cpa=a0784a67-a537-461a-91c9-1b34e870b054&prev_step_diff=1094 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:10 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Thu, 08 May 2025 02:20:10 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Archivo+Black&display=swap | 142.250.74.106 | 200 OK | 880 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Archivo+Black&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hash86c7f6eed115878ad4b3e7fb3666036d 848f9fb7a3c5ff796b3292c989c0e05ec07bfad4 c86eed446399ca6de8f232c4fd52211f0cc6602d9915c614894cfb66d1dcaafb
GET /css2?family=Archivo+Black&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 02:20:06 GMT
date: Wed, 08 May 2024 02:20:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| p.a64x.com/in/tip_shows/?katds_ep=FFlqSh6P1JTuz_x0JD4f0NGYnj6BksoPBqOskF7Rh-jv3SvOTCYk-4ZDaEgj6u7y0aHSVGflQRMn7GcVc4XFAJvN7lk4krdJ7PXRLNrTKRlqps6jEg5DP22zXJonE_42gK4TRcov32K8coauJll4lKKDW6_CRpX1gOD2VOF-hLLlWwyzqjds7SinrFPE0Dr64iDay9ajosxmH5Bzx_m31dAwAMZixvF2CO62WqZYSPo2U6fAKHRKWHKBgwI1--OPxaXmdKIHd8vPp-82mnsbjXUmQlHIx-1q8u9mdSGIVHbcn6r5sfgBpg-r2UeQpc11exdjXMEItUkJMJyufgEQUH8KjVbzYfnvrHRAqkfl0U5pgBgfB93Y7U2jp1KyDyx5c2P9EsM_j8a7ODYYUGTlsy04h0w3mEVa2peMkXQU1Q_OFwmaZUTgM5t5QmOGb_nstiNLGuuCb0vRraKP67--e8lvvJFdNl3Nm4TWx6voikxrfbOr7B4wpwPbxtCyAtWnp0EjCC4NL8FSAjTjJCScHW79_dKBbpukctYVrEsgt7yY6CkcE3Pke2HfzRJuGxcDOy_jdBYBYSOUqnzfX7pNul8QZU2jJizQ_WTibw0utGDPLmd1Q7AR3bRSs-N-j1FVnSNQ18t4fQ05gjUihZerJeufVJP1M1XDq_UGxaw1YqklPAjDWYlN9Ih56jgx0iuPzlhbLOl4XNQ8R5osV17yo_dx7EwJmfeZMA-Wwxyq0_ExEFaf9EE0Wg9-qYBDuArClxiL8F8MDnsPGHczEx6PF2jk-8Nh3XH0qh1y2Dlskc_9jnb8llU66DjEUCFlsbAEj77aStj9uffbIQf_79gWwOgBohySY-vUnz04qLtPo8R302_6LOIZ-aebg0nR&bid=0.021892081860232598&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.06&cpa=eeb1ca4b-73a0-4c2b-a62a-20ceff9100f4&prev_step_diff=1094 | 172.67.185.171 | 302 Found | 0 B |
URL GET HTTP/2p.a64x.com/in/tip_shows/?katds_ep=FFlqSh6P1JTuz_x0JD4f0NGYnj6BksoPBqOskF7Rh-jv3SvOTCYk-4ZDaEgj6u7y0aHSVGflQRMn7GcVc4XFAJvN7lk4krdJ7PXRLNrTKRlqps6jEg5DP22zXJonE_42gK4TRcov32K8coauJll4lKKDW6_CRpX1gOD2VOF-hLLlWwyzqjds7SinrFPE0Dr64iDay9ajosxmH5Bzx_m31dAwAMZixvF2CO62WqZYSPo2U6fAKHRKWHKBgwI1--OPxaXmdKIHd8vPp-82mnsbjXUmQlHIx-1q8u9mdSGIVHbcn6r5sfgBpg-r2UeQpc11exdjXMEItUkJMJyufgEQUH8KjVbzYfnvrHRAqkfl0U5pgBgfB93Y7U2jp1KyDyx5c2P9EsM_j8a7ODYYUGTlsy04h0w3mEVa2peMkXQU1Q_OFwmaZUTgM5t5QmOGb_nstiNLGuuCb0vRraKP67--e8lvvJFdNl3Nm4TWx6voikxrfbOr7B4wpwPbxtCyAtWnp0EjCC4NL8FSAjTjJCScHW79_dKBbpukctYVrEsgt7yY6CkcE3Pke2HfzRJuGxcDOy_jdBYBYSOUqnzfX7pNul8QZU2jJizQ_WTibw0utGDPLmd1Q7AR3bRSs-N-j1FVnSNQ18t4fQ05gjUihZerJeufVJP1M1XDq_UGxaw1YqklPAjDWYlN9Ih56jgx0iuPzlhbLOl4XNQ8R5osV17yo_dx7EwJmfeZMA-Wwxyq0_ExEFaf9EE0Wg9-qYBDuArClxiL8F8MDnsPGHczEx6PF2jk-8Nh3XH0qh1y2Dlskc_9jnb8llU66DjEUCFlsbAEj77aStj9uffbIQf_79gWwOgBohySY-vUnz04qLtPo8R302_6LOIZ-aebg0nR&bid=0.021892081860232598&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.06&cpa=eeb1ca4b-73a0-4c2b-a62a-20ceff9100f4&prev_step_diff=1094 IP172.67.185.171:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjecta64x.com Fingerprint86:FD:2B:DD:CC:BD:8D:ED:C0:8D:41:81:C1:48:2D:45:D6:4F:67:88 ValidityTue, 19 Mar 2024 14:58:28 GMT - Mon, 17 Jun 2024 14:58:27 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/tip_shows/?katds_ep=FFlqSh6P1JTuz_x0JD4f0NGYnj6BksoPBqOskF7Rh-jv3SvOTCYk-4ZDaEgj6u7y0aHSVGflQRMn7GcVc4XFAJvN7lk4krdJ7PXRLNrTKRlqps6jEg5DP22zXJonE_42gK4TRcov32K8coauJll4lKKDW6_CRpX1gOD2VOF-hLLlWwyzqjds7SinrFPE0Dr64iDay9ajosxmH5Bzx_m31dAwAMZixvF2CO62WqZYSPo2U6fAKHRKWHKBgwI1--OPxaXmdKIHd8vPp-82mnsbjXUmQlHIx-1q8u9mdSGIVHbcn6r5sfgBpg-r2UeQpc11exdjXMEItUkJMJyufgEQUH8KjVbzYfnvrHRAqkfl0U5pgBgfB93Y7U2jp1KyDyx5c2P9EsM_j8a7ODYYUGTlsy04h0w3mEVa2peMkXQU1Q_OFwmaZUTgM5t5QmOGb_nstiNLGuuCb0vRraKP67--e8lvvJFdNl3Nm4TWx6voikxrfbOr7B4wpwPbxtCyAtWnp0EjCC4NL8FSAjTjJCScHW79_dKBbpukctYVrEsgt7yY6CkcE3Pke2HfzRJuGxcDOy_jdBYBYSOUqnzfX7pNul8QZU2jJizQ_WTibw0utGDPLmd1Q7AR3bRSs-N-j1FVnSNQ18t4fQ05gjUihZerJeufVJP1M1XDq_UGxaw1YqklPAjDWYlN9Ih56jgx0iuPzlhbLOl4XNQ8R5osV17yo_dx7EwJmfeZMA-Wwxyq0_ExEFaf9EE0Wg9-qYBDuArClxiL8F8MDnsPGHczEx6PF2jk-8Nh3XH0qh1y2Dlskc_9jnb8llU66DjEUCFlsbAEj77aStj9uffbIQf_79gWwOgBohySY-vUnz04qLtPo8R302_6LOIZ-aebg0nR&bid=0.021892081860232598&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.06&cpa=eeb1ca4b-73a0-4c2b-a62a-20ceff9100f4&prev_step_diff=1094 HTTP/1.1
Host: p.a64x.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 08 May 2024 02:20:10 GMT
content-type: application/json
content-length: 0
location: https://imdn.pics/m/p/0/777/777181/conversions/PguV688J-minify.jpg
access-control-allow-credentials: true
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nRtXp70eNt7xhO87GrCyEkSD9Jhl29pH2R2%2FO553aAwdIhQMyFcyk3V4gmfCVdfC01R%2FulasRzQECzPWw2pSQ6%2Bg5w%2BmaK%2F2Xfin3fhdeWCSeMARfkA63u2Lok6t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f8178f1db512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| imdn.pics/m/p/0/777/777184/conversions/Q5MjCrOM-minify.jpg | 45.133.44.24 | 200 OK | 11 kB |
URL GET HTTP/2imdn.pics/m/p/0/777/777184/conversions/Q5MjCrOM-minify.jpg IP45.133.44.24:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectimdn.pics Fingerprint1B:F0:2A:16:F2:A2:CB:23:EA:4E:5D:DE:96:E2:AF:CC:A0:41:03:E5 ValidityTue, 12 Mar 2024 03:00:56 GMT - Mon, 10 Jun 2024 03:00:55 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 360x240, components 3 Hash7a0f4319e0c7d4e0ec42eae657ba39fd e2940c23868c5975a1dc1a3c963609b34abbe6b5 6c0278ead1dce8c37b6b233d5251184cd820586eeb5d30db860c1c7315d5dba0
GET /m/p/0/777/777184/conversions/Q5MjCrOM-minify.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:10 GMT
content-type: image/jpeg
content-length: 11228
server: nginx
last-modified: Tue, 09 Apr 2024 19:56:57 GMT
etag: "66159d89-2bdc"
x-request-id: 13aea49745d30295dcee0faf2bf8a0c1
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| imdn.pics/m/p/0/777/777181/conversions/PguV688J-minify.jpg | 45.133.44.24 | 200 OK | 2.5 kB |
URL GET HTTP/2imdn.pics/m/p/0/777/777181/conversions/PguV688J-minify.jpg IP45.133.44.24:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectimdn.pics Fingerprint1B:F0:2A:16:F2:A2:CB:23:EA:4E:5D:DE:96:E2:AF:CC:A0:41:03:E5 ValidityTue, 12 Mar 2024 03:00:56 GMT - Mon, 10 Jun 2024 03:00:55 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 100x100, components 3 Hash9eb726ecf5e85e3b48f854490ff8284a d08b4f022e64d06f2642c5c9217d35b7851516d5 30bd73405bb72856107c9e940bece489b670970c3d2e4d6b592cc138a67a3c05
GET /m/p/0/777/777181/conversions/PguV688J-minify.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:10 GMT
content-type: image/jpeg
content-length: 2460
server: nginx
last-modified: Tue, 09 Apr 2024 19:56:49 GMT
etag: "66159d81-99c"
x-request-id: 064bc710493213dae1825c3b2f5e7289
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| nereserv.com/in/dip?event_id=5f2cd5c6-38c6-438a-8d81-d3e3758efbcc&subid=14364679&spot_id=560192&created_at=2024-05-08&timezone=0&ver=1.141.0 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/2nereserv.com/in/dip?event_id=5f2cd5c6-38c6-438a-8d81-d3e3758efbcc&subid=14364679&spot_id=560192&created_at=2024-05-08&timezone=0&ver=1.141.0 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?event_id=5f2cd5c6-38c6-438a-8d81-d3e3758efbcc&subid=14364679&spot_id=560192&created_at=2024-05-08&timezone=0&ver=1.141.0 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 08 May 2024 02:20:11 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/get/ | 94.130.197.240 | 200 OK | 4.7 kB |
IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hashcc0a670c2bc6f84eef8c1b7631a78dae 631a8f27b572c38e6c2a2f5d0dc172192e3228ed e4ab9ac3ec1b77d17e61df35ac4f6f6d1b731d4249ad932e11da2877e92bdc0b
POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1482
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.16.0
date: Wed, 08 May 2024 02:20:11 GMT
content-type: application/json
content-length: 4704
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzRavSterGnAID5zfHSl7RIFh79eh_pkq1CNb3SvVQpoJVYL5d5ydvxuVZxGTHFYlB_M5zTmA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1358285550%3A1715134810625203&theme=mn&ddm=0 | 64.233.165.84 | 403 Forbidden | 7.6 kB |
URL GET HTTP/3accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzRavSterGnAID5zfHSl7RIFh79eh_pkq1CNb3SvVQpoJVYL5d5ydvxuVZxGTHFYlB_M5zTmA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1358285550%3A1715134810625203&theme=mn&ddm=0 IP64.233.165.84:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services Subject*.google.com Fingerprint9F:A1:53:E4:09:E1:ED:82:F8:E0:30:B6:39:FA:EC:03:B4:89:46:8A ValidityTue, 16 Apr 2024 03:19:40 GMT - Tue, 09 Jul 2024 03:19:39 GMT
File typegzip compressed data, max compression Hash4cd083d40424124ec5466bb12061f866 6603d89a903bfc45d80d897083945d3154ab3752 cfdd561023f35538036ee1d2028d312b5f3e849a230f63571cad8ab7634a6bab
GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzRavSterGnAID5zfHSl7RIFh79eh_pkq1CNb3SvVQpoJVYL5d5ydvxuVZxGTHFYlB_M5zTmA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1358285550%3A1715134810625203&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 02:20:10 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-6u7Huk7AgDNPBN2Kz9m-3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| nereserv.com/in/dip?event_id=e488f972-3721-4883-92b7-dee5f4110051&subid=308553955&spot_id=529502&created_at=2024-05-08&timezone=0&ver=1.141.0 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/2nereserv.com/in/dip?event_id=e488f972-3721-4883-92b7-dee5f4110051&subid=308553955&spot_id=529502&created_at=2024-05-08&timezone=0&ver=1.141.0 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?event_id=e488f972-3721-4883-92b7-dee5f4110051&subid=308553955&spot_id=529502&created_at=2024-05-08&timezone=0&ver=1.141.0 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 08 May 2024 02:20:12 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans | 142.250.74.106 | 200 OK | 1.5 kB |
URL GET HTTP/3fonts.googleapis.com/css?family=Open+Sans IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hashf2e2ef45d2e72cd58cb4a28a026e2eba 08b163ec93f2cb06aca2eb9aa413c4bc34da87ca 58d73cf4b2557a8ad017611aa851b9b9db34a2b8db5976a6c04907ad5bd2cfd7
GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 02:20:13 GMT
date: Wed, 08 May 2024 02:20:13 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| nereserv.com/in/dip?site=native-push&wl=1&event_id=5bdeb259-c9ca-4b2e-a4c2-07e3441d908b&subid=1511354673&sid=2590395888&spot_id=529500&created_at=2024-05-08&timezone=0&ver=8.159.0&is_native=1 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/2nereserv.com/in/dip?site=native-push&wl=1&event_id=5bdeb259-c9ca-4b2e-a4c2-07e3441d908b&subid=1511354673&sid=2590395888&spot_id=529500&created_at=2024-05-08&timezone=0&ver=8.159.0&is_native=1 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=5bdeb259-c9ca-4b2e-a4c2-07e3441d908b&subid=1511354673&sid=2590395888&spot_id=529500&created_at=2024-05-08&timezone=0&ver=8.159.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 08 May 2024 02:20:14 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 1e7942d985.fff2788093.com/in/multy | 157.90.84.246 | 200 OK | 0 B |
URL POST HTTP/21e7942d985.fff2788093.com/in/multy IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectfff2788093.com Fingerprint81:F0:97:8F:8A:B3:D7:C6:23:C1:FC:F8:5A:A0:2A:EB:73:8A:C7:10 ValidityMon, 06 May 2024 12:38:51 GMT - Sun, 04 Aug 2024 12:38:50 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /in/multy HTTP/1.1
Host: 1e7942d985.fff2788093.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.20.1
date: Wed, 08 May 2024 02:20:14 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 32879.2481april2024.com/hiNDCoc5OA_oZtczvVjGLSdOmtkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmq6lubuKcgEfSrhO0g0Jv21dBmL_TPyblUJm7Q?kws=video%2Cclan%2Cwithout%2Ctaboo%2Cwant%2Cfuck%2Cstepsisters%2Cdelicious%2Cpussy&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3Dc7c3a08a8a&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Wed%20May%2008%202024%2002%3A20%3A07%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 | 88.208.22.4 | 200 OK | 7.2 kB |
URL GET HTTP/232879.2481april2024.com/hiNDCoc5OA_oZtczvVjGLSdOmtkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmq6lubuKcgEfSrhO0g0Jv21dBmL_TPyblUJm7Q?kws=video%2Cclan%2Cwithout%2Ctaboo%2Cwant%2Cfuck%2Cstepsisters%2Cdelicious%2Cpussy&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3Dc7c3a08a8a&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Wed%20May%2008%202024%2002%3A20%3A07%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 IP88.208.22.4:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subject*.2481april2024.com FingerprintFC:0B:87:DF:4F:43:9B:81:FD:04:D2:4C:5C:79:77:1B:C6:BB:F4:49 ValidityTue, 02 Apr 2024 14:41:38 GMT - Mon, 01 Jul 2024 14:41:37 GMT
File typeUnicode text, UTF-8 text, with very long lines (46950), with no line terminators Hash8a9e185895a184fa9d757b001a0b0724 6aead0b2909e098e1bc8a253527d901c74ad6c43 3813e61044c2279f43477050f0cf02ac9cde752039d627127c6b998f90d6f49c
GET /hiNDCoc5OA_oZtczvVjGLSdOmtkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmq6lubuKcgEfSrhO0g0Jv21dBmL_TPyblUJm7Q?kws=video%2Cclan%2Cwithout%2Ctaboo%2Cwant%2Cfuck%2Cstepsisters%2Cdelicious%2Cpussy&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3Dc7c3a08a8a&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Wed%20May%2008%202024%2002%3A20%3A07%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 HTTP/1.1
Host: 32879.2481april2024.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:20:10 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://www.amdahost.com
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
last-modified: Wed, 08 May 2024 02:20:10 UTC
expires: Wed, 08 May 2024 02:20:10 UTC
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.13&cpa=62aa99e0-ba43-4b0f-b7aa-e1711c83a4e4&prev_step_diff=693 | 45.133.44.24 | 200 OK | 486 B |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.13&cpa=62aa99e0-ba43-4b0f-b7aa-e1711c83a4e4&prev_step_diff=693 IP45.133.44.24:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hashceeb4e8840c24621c0e0352b42b38a5b 03cbceb0134a39267014595938705e2916580644 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.13&cpa=62aa99e0-ba43-4b0f-b7aa-e1711c83a4e4&prev_step_diff=693 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:15 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Thu, 08 May 2025 02:20:15 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1e7942d985.fff2788093.com/in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3Dc7c3a08a8a&refdom=www.amdahost.com&auction_time=1715134814&subid=1511354673&sid=2590395888&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=9474243627012240951&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253Dc7c3a08a8a%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253Dc7c3a08a8a%26idzone%3D0%26sid%3D1886&icons=wiP9MaW-pHYQjnaOe2-vBDSN05MAzWxkxik_yeqUVMaSasy57lDjTieM5dx2T8QehyHmFJ34D0CFNTaX_S6ZCsO_hMZAUGInatJ-HqKlAAipicB2qrA--sKXI6LHQ8JXhW6Rjgf-ij8gnIxSeCjVL1_jEw4X_7__mkuwLpM6C2lWMe1J_g&ext_cid=0&px_id=529500&min_cpm=0.09329738022515253&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=2839302747906711941&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.01690861968759447&cpm=0&verify_hash=80d34a4753d1ada89c1a5a0ec88c1277&is_native=4&real_bid=0.00048587458372000106&original_bid_usd=0.00268093&original_bid=0.00268093&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=20,108,0,114,27&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=2&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.00268093&hostname=auc-inpage-hz-3-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000026809300000000004&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.13&cpa=f6a350f8-7b43-479e-86ff-962e99b5ba19&prev_step_diff=694 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/21e7942d985.fff2788093.com/in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3Dc7c3a08a8a&refdom=www.amdahost.com&auction_time=1715134814&subid=1511354673&sid=2590395888&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=9474243627012240951&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253Dc7c3a08a8a%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253Dc7c3a08a8a%26idzone%3D0%26sid%3D1886&icons=wiP9MaW-pHYQjnaOe2-vBDSN05MAzWxkxik_yeqUVMaSasy57lDjTieM5dx2T8QehyHmFJ34D0CFNTaX_S6ZCsO_hMZAUGInatJ-HqKlAAipicB2qrA--sKXI6LHQ8JXhW6Rjgf-ij8gnIxSeCjVL1_jEw4X_7__mkuwLpM6C2lWMe1J_g&ext_cid=0&px_id=529500&min_cpm=0.09329738022515253&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=2839302747906711941&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.01690861968759447&cpm=0&verify_hash=80d34a4753d1ada89c1a5a0ec88c1277&is_native=4&real_bid=0.00048587458372000106&original_bid_usd=0.00268093&original_bid=0.00268093&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=20,108,0,114,27&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=2&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.00268093&hostname=auc-inpage-hz-3-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000026809300000000004&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.13&cpa=f6a350f8-7b43-479e-86ff-962e99b5ba19&prev_step_diff=694 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectfff2788093.com Fingerprint81:F0:97:8F:8A:B3:D7:C6:23:C1:FC:F8:5A:A0:2A:EB:73:8A:C7:10 ValidityMon, 06 May 2024 12:38:51 GMT - Sun, 04 Aug 2024 12:38:50 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3Dc7c3a08a8a&refdom=www.amdahost.com&auction_time=1715134814&subid=1511354673&sid=2590395888&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=9474243627012240951&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253Dc7c3a08a8a%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253Dc7c3a08a8a%26idzone%3D0%26sid%3D1886&icons=wiP9MaW-pHYQjnaOe2-vBDSN05MAzWxkxik_yeqUVMaSasy57lDjTieM5dx2T8QehyHmFJ34D0CFNTaX_S6ZCsO_hMZAUGInatJ-HqKlAAipicB2qrA--sKXI6LHQ8JXhW6Rjgf-ij8gnIxSeCjVL1_jEw4X_7__mkuwLpM6C2lWMe1J_g&ext_cid=0&px_id=529500&min_cpm=0.09329738022515253&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=2839302747906711941&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.01690861968759447&cpm=0&verify_hash=80d34a4753d1ada89c1a5a0ec88c1277&is_native=4&real_bid=0.00048587458372000106&original_bid_usd=0.00268093&original_bid=0.00268093&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=20,108,0,114,27&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=2&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.00268093&hostname=auc-inpage-hz-3-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000026809300000000004&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.13&cpa=f6a350f8-7b43-479e-86ff-962e99b5ba19&prev_step_diff=694 HTTP/1.1
Host: 1e7942d985.fff2788093.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 08 May 2024 02:20:15 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| js.mbidinp.com/npc/sdk/wpu/npush.m.js | 45.133.44.52 | 200 OK | 46 kB |
URL GET HTTP/2js.mbidinp.com/npc/sdk/wpu/npush.m.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectjs.mbidinp.com FingerprintB8:EA:0B:88:14:F5:73:F1:FE:F1:D5:59:09:E6:70:08:F2:1C:4A:5C ValidityMon, 22 Apr 2024 03:00:30 GMT - Sun, 21 Jul 2024 03:00:29 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashe164f0fc509991890121aa763019689d 16f901a89a57f87c90d6cea80cff9f8bd32756dc fdd439b2c8d28676c5e03847afc19252a3d6d88a670ba48db4ac020866c6b6ec
GET /npc/sdk/wpu/npush.m.js HTTP/1.1
Host: js.mbidinp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:09 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 25 Apr 2024 13:18:02 GMT
etag: W/"662a580a-29278"
content-encoding: gzip
expires: Wed, 08 May 2024 02:25:09 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| imdn.pics/m/p/0/777/777156/conversions/3b69WTpe-minify.jpg | 45.133.44.24 | 200 OK | 10 kB |
URL GET HTTP/2imdn.pics/m/p/0/777/777156/conversions/3b69WTpe-minify.jpg IP45.133.44.24:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectimdn.pics Fingerprint1B:F0:2A:16:F2:A2:CB:23:EA:4E:5D:DE:96:E2:AF:CC:A0:41:03:E5 ValidityTue, 12 Mar 2024 03:00:56 GMT - Mon, 10 Jun 2024 03:00:55 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 360x240, components 3 Hashd27321438be78f72c18f84cecb85c11e 31084685ba871245f90f4ac23949bc4aa37ce39b d08796c038822a8e5b0b8f249dda868ce114459c911091b0969acf32df501b98
GET /m/p/0/777/777156/conversions/3b69WTpe-minify.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:15 GMT
content-type: image/jpeg
content-length: 10147
server: nginx
last-modified: Tue, 09 Apr 2024 19:44:54 GMT
etag: "66159ab6-27a3"
x-request-id: a42fb51f65ac1ae8733899620e4ac07b
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| p.a64x.com/in/tip_shows/?katds_ep=DvV55Pi2A-D7HlFF4IDTvmYm5F_vwUhl570ij7d2lUTFjPaMwGUFWZY2tkbtvjk4twFItF2LOsFFxU4RqdNHb5uEz1-wQEXll9dlHpR3Nv-3vBwD-cWlWsT8xcDjxpxLaCXneWdBmWj8t04b3X8rDypFZOY6X4UCuiMvlw4c0FcC0tRfPLARrmI3ZCWaC4nLqSGhwTiJCY4o-6mgRVpgbNuYcODYFQAQvcx2otUbLCyAfrw05TS4uK9pUvjypGfowIbfYYa980ajtgcSN6Iu9yCI_tWwE6GttmDMwb8du2NT8DxSF-rCy4RyY2agJj94im-a6I2W5W9mA7e2HmQDa731i9YMX3ALjvGgxbPyvsNTGTti4pmobUGwO1iuOM6fmpIZECq5rtoUcTYN0F-kT_AjSRZ5mpb8HOZPQL-bPYMjjEEJ3NMbXVf6H9166W6xjLbpb-3YXLW0FuLbRzjRkklesubWwFtQ-AEg9DN80piIsCeePcKgkpWEJTRL2WC-YfdrgG47bY6QQ5CxKkWcdcvTDGBTj1vBodNLkFjrMEa3D6vOOU847w5bp1GRczgT3BjTaUAPb7IF9pFwy7OWHpfX8r9B_UeHSZD5GrZA_-2H9Py_FqOuUI2fqdzOFLXYt8lhCSEdRhwmWyt1IHKV4VpFcfnv_mnmjuJI9-TnIuXS7txfiH1SjoIEjHsgAFcopYu69VQkvxbdpZM7oPRiIc2vW1XRrAYrCKkqsFdDJciBZZGYkjnMTNmjx6LLGuMiYPV6PrOpJ6O57zZ2Rmjdbmw_gRBlWGxA_mnJY5CQTfuhcNIzM9h70UlTb77YzzqBnf8iC23V77N17vstolt0rPbxnF0qRiSMfcgyr54ojRfi8h2TF4gG0xDMxI3q8A&bid=0.004899363770037027&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.13&cpa=31b7ad16-268f-4a66-84f0-5a81f188ec78&prev_step_diff=693 | 172.67.185.171 | 302 Found | 0 B |
URL GET HTTP/3p.a64x.com/in/tip_shows/?katds_ep=DvV55Pi2A-D7HlFF4IDTvmYm5F_vwUhl570ij7d2lUTFjPaMwGUFWZY2tkbtvjk4twFItF2LOsFFxU4RqdNHb5uEz1-wQEXll9dlHpR3Nv-3vBwD-cWlWsT8xcDjxpxLaCXneWdBmWj8t04b3X8rDypFZOY6X4UCuiMvlw4c0FcC0tRfPLARrmI3ZCWaC4nLqSGhwTiJCY4o-6mgRVpgbNuYcODYFQAQvcx2otUbLCyAfrw05TS4uK9pUvjypGfowIbfYYa980ajtgcSN6Iu9yCI_tWwE6GttmDMwb8du2NT8DxSF-rCy4RyY2agJj94im-a6I2W5W9mA7e2HmQDa731i9YMX3ALjvGgxbPyvsNTGTti4pmobUGwO1iuOM6fmpIZECq5rtoUcTYN0F-kT_AjSRZ5mpb8HOZPQL-bPYMjjEEJ3NMbXVf6H9166W6xjLbpb-3YXLW0FuLbRzjRkklesubWwFtQ-AEg9DN80piIsCeePcKgkpWEJTRL2WC-YfdrgG47bY6QQ5CxKkWcdcvTDGBTj1vBodNLkFjrMEa3D6vOOU847w5bp1GRczgT3BjTaUAPb7IF9pFwy7OWHpfX8r9B_UeHSZD5GrZA_-2H9Py_FqOuUI2fqdzOFLXYt8lhCSEdRhwmWyt1IHKV4VpFcfnv_mnmjuJI9-TnIuXS7txfiH1SjoIEjHsgAFcopYu69VQkvxbdpZM7oPRiIc2vW1XRrAYrCKkqsFdDJciBZZGYkjnMTNmjx6LLGuMiYPV6PrOpJ6O57zZ2Rmjdbmw_gRBlWGxA_mnJY5CQTfuhcNIzM9h70UlTb77YzzqBnf8iC23V77N17vstolt0rPbxnF0qRiSMfcgyr54ojRfi8h2TF4gG0xDMxI3q8A&bid=0.004899363770037027&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.13&cpa=31b7ad16-268f-4a66-84f0-5a81f188ec78&prev_step_diff=693 IP172.67.185.171:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjecta64x.com Fingerprint86:FD:2B:DD:CC:BD:8D:ED:C0:8D:41:81:C1:48:2D:45:D6:4F:67:88 ValidityTue, 19 Mar 2024 14:58:28 GMT - Mon, 17 Jun 2024 14:58:27 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/tip_shows/?katds_ep=DvV55Pi2A-D7HlFF4IDTvmYm5F_vwUhl570ij7d2lUTFjPaMwGUFWZY2tkbtvjk4twFItF2LOsFFxU4RqdNHb5uEz1-wQEXll9dlHpR3Nv-3vBwD-cWlWsT8xcDjxpxLaCXneWdBmWj8t04b3X8rDypFZOY6X4UCuiMvlw4c0FcC0tRfPLARrmI3ZCWaC4nLqSGhwTiJCY4o-6mgRVpgbNuYcODYFQAQvcx2otUbLCyAfrw05TS4uK9pUvjypGfowIbfYYa980ajtgcSN6Iu9yCI_tWwE6GttmDMwb8du2NT8DxSF-rCy4RyY2agJj94im-a6I2W5W9mA7e2HmQDa731i9YMX3ALjvGgxbPyvsNTGTti4pmobUGwO1iuOM6fmpIZECq5rtoUcTYN0F-kT_AjSRZ5mpb8HOZPQL-bPYMjjEEJ3NMbXVf6H9166W6xjLbpb-3YXLW0FuLbRzjRkklesubWwFtQ-AEg9DN80piIsCeePcKgkpWEJTRL2WC-YfdrgG47bY6QQ5CxKkWcdcvTDGBTj1vBodNLkFjrMEa3D6vOOU847w5bp1GRczgT3BjTaUAPb7IF9pFwy7OWHpfX8r9B_UeHSZD5GrZA_-2H9Py_FqOuUI2fqdzOFLXYt8lhCSEdRhwmWyt1IHKV4VpFcfnv_mnmjuJI9-TnIuXS7txfiH1SjoIEjHsgAFcopYu69VQkvxbdpZM7oPRiIc2vW1XRrAYrCKkqsFdDJciBZZGYkjnMTNmjx6LLGuMiYPV6PrOpJ6O57zZ2Rmjdbmw_gRBlWGxA_mnJY5CQTfuhcNIzM9h70UlTb77YzzqBnf8iC23V77N17vstolt0rPbxnF0qRiSMfcgyr54ojRfi8h2TF4gG0xDMxI3q8A&bid=0.004899363770037027&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.13&cpa=31b7ad16-268f-4a66-84f0-5a81f188ec78&prev_step_diff=693 HTTP/1.1
Host: p.a64x.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 08 May 2024 02:20:15 GMT
content-type: application/json
content-length: 0
location: https://imdn.pics/m/p/0/777/777155/conversions/R6Fcvd3Z-minify.jpg
access-control-allow-credentials: true
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0R4AoZlRTCrBziJargTei5DEa6tvLF2iFk7FleYfz2%2FOENbDLdww4ktOHpzQBSrnw5RxX7eniEyJ1q%2Fs5mlXNj6ilIlk%2BJtmo%2BsvBreMRkMZlKAW2TIBBtK%2BIWY6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f8339be1568a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| imdn.pics/m/p/0/777/777155/conversions/R6Fcvd3Z-minify.jpg | 45.133.44.24 | 200 OK | 3.0 kB |
URL GET HTTP/2imdn.pics/m/p/0/777/777155/conversions/R6Fcvd3Z-minify.jpg IP45.133.44.24:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectimdn.pics Fingerprint1B:F0:2A:16:F2:A2:CB:23:EA:4E:5D:DE:96:E2:AF:CC:A0:41:03:E5 ValidityTue, 12 Mar 2024 03:00:56 GMT - Mon, 10 Jun 2024 03:00:55 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 100x100, components 3 Hashbbd50a964fd18363b647225883bbb908 960383ba8379454c49adc0ed9c0faf681a898d61 58deb046cbfa7bfae5ed5290686bda50b55be2bf0ea62f1577ca135a8fdeb10e
GET /m/p/0/777/777155/conversions/R6Fcvd3Z-minify.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:15 GMT
content-type: image/jpeg
content-length: 2972
server: nginx
last-modified: Tue, 09 Apr 2024 19:44:46 GMT
etag: "66159aae-b9c"
x-request-id: bcbe6ea9e5034af8477860eea5b5ead2
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/rum? | 172.67.183.69 | 204 No Content | 0 B |
URL POST HTTP/3www.amdahost.com/cdn-cgi/rum? IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 520
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=c7c3a08a8a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 204 No Content
date: Wed, 08 May 2024 02:20:30 GMT
access-control-allow-origin: https://www.amdahost.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 8805f89279bd56cb-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:20:10 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c2LONWyvnG9hR60wrT%2FBoEbVsrE%2Bxv8RRRDNE20LYkWj93KR8ds8BF%2FoKi52iW68fXuN9op5t5c2S4S%2F0dks5hktTNMf3pBd9kKAdvGuRHuluhEQ03rPg0OSRXl4RNHEIJzBbpI2cAd7dg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f812babeb517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/2storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Wed, 08 May 2024 02:20:09 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zGbBPaL4Mc58xgikRKJqzkNWmhirAp7Vk1sCC84y71Rp%2B8%2Flp9rqHkpP5H1mt1VR5UvaJChopd6MJ82DB9IZpJT0ZSHjjGkPpXjGWkqiqvOnxTMOxOrqyOzqbwfygW3GDs6A4qgoWRolIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f80e6e9b569a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 1202bb3601.29972123f3.com/85e8405e316bc191fffad51abaff7a3c.js | 45.133.44.53 | 200 OK | 169 kB |
URL GET HTTP/21202bb3601.29972123f3.com/85e8405e316bc191fffad51abaff7a3c.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subject1202bb3601.29972123f3.com Fingerprint75:6B:15:49:55:01:42:44:F7:47:B8:56:B1:92:DE:3D:8F:41:D0:21 ValiditySun, 05 May 2024 02:20:34 GMT - Sat, 03 Aug 2024 02:20:33 GMT
Size169 kB (168568 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /85e8405e316bc191fffad51abaff7a3c.js HTTP/1.1
Host: 1202bb3601.29972123f3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:09 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 25 Apr 2024 13:18:02 GMT
etag: W/"662a580a-29278"
content-encoding: gzip
expires: Wed, 08 May 2024 02:25:09 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:20:10 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=02hK4ArABkD%2BkKyAale1VfXqF%2BmTGax%2FUZ3csWOm%2Fr47DvqeRJznK4E1bP8yqyXgYkG5MlBgT0K3s56guD9sIlDikOIMHuVRio51h9EH6Gq98HaVuItnXzsiCZhQeE%2Fay1hD%2BZIbdoHcnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f814eb7fb517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:20:11 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NJnLQHMzo0iaOWqvhQbdO08%2BtAedCUkgfIZwLFJhJ2k3kVZJnq7GnsfAqDHNfHyw6nTeSzKski49U1SL3JZp8VhhS9%2B3%2FklBOYCH71FgCdcobezWbDixXCJZjzRJE4L3xSZzt9fYdVIdIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f8195d43b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| glakaits.net/?rb=ymGcWh6-hSYXeD1lz0tXkCu-der8NBaEniuN8V7nyXbkg0SVUSnousliK-5ysZOMJXRD9vl5w-9HLoM-FIIzXtasqJniPnWpN_aD2hSJd4EpYZK6BIEZoGAxnq4SmdEfgzAIei_coJVnJk5zMRGbPh4kEaiNow6uRArY8qEAHOO-U6dzRKDsnwDVJp8kuMNB0pc_jzlNelpz41Q02NQBteyWaYCW7InEGrSqDmDyzmPf2YvmO8S-Qe5KZycVakm6MQoqa4wCRUfVTVd0&request_ab2=0&zoneid=7446033&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=4&pl=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3Dc7c3a08a8a&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&bs=666bfca6-2879-4708-92b7-8d7e240e8d23&wasm=1&userId=o7ft575140je452692623f3b9fywj863&m=link | 139.45.197.242 | 200 OK | 2.3 kB |
URL GET HTTP/2glakaits.net/?rb=ymGcWh6-hSYXeD1lz0tXkCu-der8NBaEniuN8V7nyXbkg0SVUSnousliK-5ysZOMJXRD9vl5w-9HLoM-FIIzXtasqJniPnWpN_aD2hSJd4EpYZK6BIEZoGAxnq4SmdEfgzAIei_coJVnJk5zMRGbPh4kEaiNow6uRArY8qEAHOO-U6dzRKDsnwDVJp8kuMNB0pc_jzlNelpz41Q02NQBteyWaYCW7InEGrSqDmDyzmPf2YvmO8S-Qe5KZycVakm6MQoqa4wCRUfVTVd0&request_ab2=0&zoneid=7446033&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=4&pl=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3Dc7c3a08a8a&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&bs=666bfca6-2879-4708-92b7-8d7e240e8d23&wasm=1&userId=o7ft575140je452692623f3b9fywj863&m=link IP139.45.197.242:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectglakaits.net Fingerprint1F:46:3E:C8:C5:6A:64:F5:29:66:0F:5C:6E:CD:48:77:10:EA:26:02 ValidityTue, 07 May 2024 18:52:12 GMT - Mon, 05 Aug 2024 18:52:11 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2360), with no line terminators Hash1f20b1236b67ed38609d6c17674b7160 d0ab1ff15ce4e37d2e686a3201efff0152f6ff6c abc3ed57f05497ffc68af39aeb8e0ca9aed710c3cd8e07d717f85964d7bc4570
GET /?rb=ymGcWh6-hSYXeD1lz0tXkCu-der8NBaEniuN8V7nyXbkg0SVUSnousliK-5ysZOMJXRD9vl5w-9HLoM-FIIzXtasqJniPnWpN_aD2hSJd4EpYZK6BIEZoGAxnq4SmdEfgzAIei_coJVnJk5zMRGbPh4kEaiNow6uRArY8qEAHOO-U6dzRKDsnwDVJp8kuMNB0pc_jzlNelpz41Q02NQBteyWaYCW7InEGrSqDmDyzmPf2YvmO8S-Qe5KZycVakm6MQoqa4wCRUfVTVd0&request_ab2=0&zoneid=7446033&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=4&pl=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3Dc7c3a08a8a&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&bs=666bfca6-2879-4708-92b7-8d7e240e8d23&wasm=1&userId=o7ft575140je452692623f3b9fywj863&m=link HTTP/1.1
Host: glakaits.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:20:09 GMT
content-type: application/json
x-trace-id: 36a2dd77efb8c4141bc2cfaeba0e93d3
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.amdahost.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=o7ft575140je452692623f3b9fywj863; expires=Thu, 08 May 2025 02:20:09 GMT; path=/; secure; SameSite=None
oaidts=1715134809; expires=Thu, 08 May 2025 02:20:09 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 15 May 2024 02:20:09 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:20:10 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ja9%2FXM9uQXUgLULVtgc6eeJuCk5YQgv5ivVoTYJfot1jKNRDCnYlWU0w1zND6W3krZRXcpWnROXIEZvN6fbZ8me24e72WwZowZbP2jGvok%2FQhj81XN2PrNP2njzJr7%2F4D5c%2FMBA%2Bj2TAQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f815fc0fb517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:20:11 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4KILpoykOOrsvoOoGltr4iPKp2LcHKJZa3rcWOh8S3uK2Z2Nj9dAjXZn9P8piVxIDh%2BYFx%2Bc6B7cap2CTf4Hm6HlbYgrrUup757o%2FmVpGIUPZeN8GGOl4yI%2FBOQwwfU3rewEuN7pi1YtPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f8199d54b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| zovidree.com/tag.min.js | 172.67.166.14 | 200 OK | 90 kB |
IP172.67.166.14:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectzovidree.com FingerprintE7:A2:02:40:34:64:74:90:8F:C4:F5:DA:6D:7F:08:2D:33:29:9A:FD ValidityMon, 22 Apr 2024 15:25:10 GMT - Sun, 21 Jul 2024 15:25:09 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash7573260aff69fe8406b0115ab4bcefaa f7f5c31f2481bd176a9b79deff1b7c0d4878f87c 280186476a1f8103793e2139d4654b16f61a2a1d393966388f55b8ed795ebba3
GET /tag.min.js HTTP/1.1
Host: zovidree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:07 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 1a13b2616487079790d1ad15928b1eb9
cache-control: max-age=86400
last-modified: Sun, 05 May 2024 17:51:41 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Wed, 08 May 2024 03:11:59 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 83285
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ii48QwJlJYEBg%2F8rW41m4jBq4D7Y%2BjG472o0M4OeeXfD4bfJz4yesoNsfmUsTGxmtVmX%2BTsbpObamKhkocYcfv15OPsUgPy24LETh49fkcbcsB1kb7AWrjghZDj1DQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805f7ffe8a7712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:20:10 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6L8wWjTlpmRVpjS2I6cU1tIZG7zpQ4pLcu5bcCdpDRwHuyG4zsFqZecf669jLOPHPStDMdKKZ%2FoN5A9bAYLlgdd%2B0eXnZGGfTqGPy1%2FBqLnwYd0uCNx1RGF6W9o1BqH3X8EiKFDX85RCEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f8149b5cb517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:20:11 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WmNEaoFWxFaMJOSWAmmgFsm6iKZ57B%2FVEVsAmQNtQmGPl9Y29anGrZD1k8Q8llv5zREoJ6KtrulkXSGcQ5u1klFwbSlQHR5%2BziuXUjaEoqwKt%2BpM3xXEE8hG%2B%2BHgN9NpY0IzSnN%2B3fQfNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f819ed6bb517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/2storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Wed, 08 May 2024 02:20:09 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ohLTfY0am09ZpJsH8A9zuBWLLT8sOiqa3%2BGKt7Ss497A2vAYy3X%2BEd%2BHzKJpJfYpa7Cnv5S5%2BwUI2f0wJbg4d8ZdR%2FGefxwSm9AbWJFNFZQRGGFVot1VRTcMlGvKAEruoZFKQ6t4ImpXxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f80edecf569a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:20:11 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=StPX8GsU8FOS9tkoG3qR5IgZj30BFt88tx0u3HDXP%2BFjhMK6so4GGCsAXnzvtdVxjm3GfflgpEP9EFVlWCuxlBxAJ8nVyZDq90uzc5QKBQKaCpFHVvTc2Ma1AU9Z3oCl1D%2FFsooaFMpzuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f8190d29b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:20:10 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MYYhaeFGJj214qLLB3as6QVl94%2Fhbrd8tRt6MJR8bGoajVOFEv2AFdAj0GpbhTTV%2Bac79LQk7IGis9P7mIyGXleCbHqwokyWiEmpMcaray9OhYWHX%2BZA8CG633F8GVzviYo4J9%2FjTsZ7Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f8163c34b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mpougdusr.com/bultykh/ipp24/7/bazinga/2020090 | 212.117.190.201 | 200 OK | 158 kB |
URL GET HTTP/2mpougdusr.com/bultykh/ipp24/7/bazinga/2020090 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerBuypass AS-983163327 Subject Fingerprint96:80:FC:87:80:4A:3B:59:5A:2E:82:5A:B8:1D:9D:47:78:21:AA:66 ValidityWed, 01 May 2024 14:41:50 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typeJavaScript source, ASCII text, with very long lines (65107) Size158 kB (158045 bytes) Hashc6ea5aedb4469e81f7d41b0eec41f409 7d7edc7b87462fb56c5e3c17c86bebad542d1d6f 72ad45cf0dd548c1f9611c35289dec90c22375b45bf1aa33d6a14ac7f896865b
GET /bultykh/ipp24/7/bazinga/2020090 HTTP/1.1
Host: mpougdusr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:20:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-269a3"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 1202bb3601.29972123f3.com/569f22a889f80ae5fb51436365dfe21c.js | 45.133.44.53 | 200 OK | 101 kB |
URL GET HTTP/21202bb3601.29972123f3.com/569f22a889f80ae5fb51436365dfe21c.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subject1202bb3601.29972123f3.com Fingerprint75:6B:15:49:55:01:42:44:F7:47:B8:56:B1:92:DE:3D:8F:41:D0:21 ValiditySun, 05 May 2024 02:20:34 GMT - Sat, 03 Aug 2024 02:20:33 GMT
Size101 kB (100855 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /569f22a889f80ae5fb51436365dfe21c.js HTTP/1.1
Host: 1202bb3601.29972123f3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:08 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 06 May 2024 08:27:28 GMT
etag: W/"66389470-189f7"
content-encoding: gzip
expires: Wed, 08 May 2024 02:25:08 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:20:10 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bq560rMl8HBuXUX%2FpIFp1bCBtsyvA8u5Zs3DSgI4XJRn7kOO3ZH5OihzA3R9WrBu%2FzjtoXuyuCr1chNu2G%2F%2FyWuWPT2JaieNnGfSJc9gkZaVfhYa0dqPSdmm3akKkl7SZ5e4khgYcbCocw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f8153b9fb517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js | 172.67.183.69 | 200 OK | 7.9 kB |
URL GET HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeJavaScript source, ASCII text, with very long lines (7908), with no line terminators Hash456bf3e3dad6f5ede6f71ba681a332ba aca7e19d20a96e158702117fdf51203c1a1404cc 08e0d5aaa5f3972ebb42394c109dc71e7da952974b34389ce35f77f95eb004ef
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=5681521f537ec90e7451a2c5977494af
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 02:20:07 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=14400, public
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GbzEflgYRAcrpuIThmREUzj%2BHf7DS6Cf6RZ7FqdRlKcktFDFpFWmg0K%2Ff%2Ft7mDFP7wdOFvYjdVH5rbspL%2FcVUxAOcZMvsbGhK3Yh1ndZ2JXb00sB6VFN1VZSXl35CoJjJgaH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805f8021ba456cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:20:10 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L4smlaJM30882IMRSbYLX3qGurAG1%2Bt0fPg2eMQFn1Bk4dFoYTxajGzSEsgrXZ9ZGqVuQHVqcC%2BC89%2BKtVs%2FNcQdc%2FcnaWJy598oGOsPE17pMD8qH7B8Umb%2B5QBda0kRZ532teFVA0%2BFCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f815abe1b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:20:11 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4jm77KIiRUscYXYJQLsaQWzjICcrDP4q8aL%2B%2Bc%2BblUtUpN014TYGG1r%2FfujJzcA46brPdjSjy74%2BMXOWiVclIXgESPA0ZY4uBbetbyhVQ0aXSfzYECnxb5JAAK%2Fh%2BTtJne6nEWNepUthgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f81a3d80b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| metricswpsh.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNzM2ODc2NzkzOTc0Njc2MzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4xIiwidGFnX2lkIjoxNzk5NzcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC43NiwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== | 168.119.25.78 | 200 OK | 0 B |
URL GET HTTP/2metricswpsh.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNzM2ODc2NzkzOTc0Njc2MzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4xIiwidGFnX2lkIjoxNzk5NzcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC43NiwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== IP168.119.25.78:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNzM2ODc2NzkzOTc0Njc2MzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4xIiwidGFnX2lkIjoxNzk5NzcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC43NiwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== HTTP/1.1
Host: metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 08 May 2024 02:20:09 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:20:10 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sxk0j7iJB0fXh9HBztWnlzka%2FDYmuja5f%2Fo2KbGIUHD7h0NnpGMxTdrL2m92DHe%2FLPAexBGlo0%2BRvsRgvZ4naIQ0WijljvidHs06HsfkDzzlfybN9rZOleHOW5SsKEozoR6CpQKf9rxhqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f813bb19b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:20:11 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QaJ94Y93m0oYG8fafAfM3wMqwfwCguvLmkzy4Q4hU94hhLWBHRJXUJx1UeKKpDz0ZOVu7JTg%2Bp4jKM5zSzf60ezx9FuxGV3MlLWNDHSiJ77bFGbel7ccSpen1qdALVT4r92bQyLHuP1YUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f81a8da7b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Bebas+Neue&display=swap | 142.250.74.106 | 200 OK | 799 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Bebas+Neue&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (817), with no line terminators Hashc493231efba2219e3348f16e938d7380 95b2c3d6221a58cbd7e96f2c05c40d03f53fb16c ff65de3252fffb1650fca0c23a1a87351bf5b2385dc11e35e19b94c3495e4cf0
GET /css2?family=Bebas+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 02:20:06 GMT
date: Wed, 08 May 2024 02:20:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/thumbnails/1714980024_c43a831a4f5a759d.jpg | 172.67.183.69 | 200 OK | 22 kB |
URL GET HTTP/3www.amdahost.com/thumbnails/1714980024_c43a831a4f5a759d.jpg IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 50", baseline, precision 8, 960x540, components 3 Hasha2aeaf79359fbce3c7bafec616c5a1a3 76ba4b7035ed8b7f13b4b11a925af9d8175e3f4c 444ca16369e5587d7bef998e4ab2aab08a6da25394fce75b5551dc7649890f8d
GET /thumbnails/1714980024_c43a831a4f5a759d.jpg HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=c7c3a08a8a
Cookie: PHPSESSID=5681521f537ec90e7451a2c5977494af
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 02:20:06 GMT
content-type: image/jpeg
content-length: 21555
cache-control: public, max-age=604800
expires: Wed, 15 May 2024 02:20:05 GMT
etag: "5433-663884b8-8c5688;;;"
last-modified: Mon, 06 May 2024 07:20:24 GMT
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W2pj5PPFuYgRGcMM7SQ2aCrNV29rTgfZ5qAoiZIJYZpl3%2ByHx9H%2B1EsbS5K27UMbBH%2BBx3Zojy5GE2Hnme9BqSTf%2FoPwNn3R9cVGnMkGsC%2BaqpKR0%2FfjcspyLpphjuDqgWTM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805f7f81fc056cb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| zokaukree.net/5/7446033/?oo=1&js_build=iclick-v1.788.9-auto | 139.45.197.245 | 200 OK | 2.9 kB |
URL GET HTTP/2zokaukree.net/5/7446033/?oo=1&js_build=iclick-v1.788.9-auto IP139.45.197.245:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectzokaukree.net FingerprintC0:B6:2C:1B:C6:37:68:38:7C:A4:E0:F4:BF:B4:8E:D4:CA:7E:2A:F1 ValiditySun, 05 May 2024 11:48:42 GMT - Sat, 03 Aug 2024 11:48:41 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (3160), with no line terminators Hash9ca54578b7c224a71476b2251e6a9f03 5b0030a6d5ac224ff36d2df51986a3b654681b10 1d610bc8dc62cfda5c262c742a282594bdb7b22c424269c6f7b7490454eeb276
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /5/7446033/?oo=1&js_build=iclick-v1.788.9-auto HTTP/1.1
Host: zokaukree.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:20:08 GMT
content-type: application/json
x-trace-id: 920fccd240fb412473bc491440b402c8
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.amdahost.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=008056add9ec4edee58be14e040dc716; expires=Thu, 08 May 2025 02:20:08 GMT; path=/; secure; SameSite=None
oaidts=1715134808; expires=Thu, 08 May 2025 02:20:08 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 1202bb3601.29972123f3.com/edd3f584431195a64a2c615d7550e6a9/161855?version_name=d | 45.133.44.53 | 200 OK | 2.4 kB |
URL GET HTTP/21202bb3601.29972123f3.com/edd3f584431195a64a2c615d7550e6a9/161855?version_name=d IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subject1202bb3601.29972123f3.com Fingerprint75:6B:15:49:55:01:42:44:F7:47:B8:56:B1:92:DE:3D:8F:41:D0:21 ValiditySun, 05 May 2024 02:20:34 GMT - Sat, 03 Aug 2024 02:20:33 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2744), with no line terminators Hash57ed9e8789c799ac1c0cb88a331fc507 9499433765f97a3c779b7bd8bb0c6d61001bbe70 23725421b5fecd31ac898b0c3b41b8d7dfef35d750da060be73c3d6350b3e5ca
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /edd3f584431195a64a2c615d7550e6a9/161855?version_name=d HTTP/1.1
Host: 1202bb3601.29972123f3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:07 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
expires: Wed, 08 May 2024 02:25:07 GMT
x-proxy-cache: EXPIRED
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:20:10 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R1IwLsNEPD7kBJCWo0N8rzdSsngBe2UryFndOBBg%2B2X%2BWIqYRDdiI1o8Mqxfv1on%2F%2BjEhxPJHbCYRpAZfzaBnq5OpR0VC2Okk59wAWG2DO51jCGyHYbgTZx%2Bs4eJGs8PapMyTtYBK67J2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f816ec7db517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 64.233.165.84 | 302 Found | 0 B |
URL GET HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP64.233.165.84:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services Subjectaccounts.google.com Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:lr-g-zOkBhXc6bNkYMJtiPOswMDnPQ:ld34CIAq8JG8ezUZ; Expires=Fri, 08-May-2026 02:20:10 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 02:20:10 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwewnBd3CHVY4FljwVlUifV6AY1i8blCVNSf9wdXnp1USPIbEdxV3XPuuZcegD0iZiQe8Jn2g
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-p9Da_5s1xYEM0lE59J2MCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pyknrhm5c.com/chicken.gif?z=2025683&pb=ee275597fdae6f8dc4785cf27148bf7e1715142007&psp=jXMdwXo5Scjr4CHvZ5ZlLYTU1HGofH9ppIUEo965kfCfAo4VVt-Ys0l1LptFEPln-fE2bz75O9xzS214ypw2H3coLVxQQafXLCfFOi4ZTaDECnZ8z3YjhCUSnZDXBnQzdq13hWtTbpsOg7mnthCSugeRRtXS2LoyogO8oP-k_fmly1W53tD84Yr3eaFcJeV9P0g5wgc_K2IWQPEIBs8uzQUpjirViCX2r-z8GxJVIM1KD5kUk6WS6kawQZDl9C6pgdaxDSnYFtQHQytLv3qBTTlN8ZBR-DgY__QjetKSyAxj1chAaX-z2BNjekMNRx1rQqTpk9K8zj3xtYI6fvc_-TPeCF1kyfbG0D-66s5JnsnB95ZzieKIO7o3gwHGHMn2PYjDuY3dO42YpfBBQnTK05NkaemfvZCEEfn2ws9riFBGfliN3DcMShaJ66OgeDZ4AoyY6uq_Cq-8yqW3vJGB46xRZhKOI-iWBJqd2jbICH_aL562DKBh90lIxKyFxS_ABZSb0Xg7T18H7xRojGgadUYujcbd0b_-t4IpuQt4Ih957okBXTAnerylhrsDriUuCIsszIqedD0X7_GeluY17gP_of4iwxovgmd66rrWOrFM7Lm6eW84C330DnWLY0RmPbB7gDXQ18Gj2aGo_h9on43uDvz4kyDQAv2BLvfQ9JIfI5OADy9Gnj3xMV2e6vE=&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7993702422673920&eclog=0&im=1&_=0.8953365739761693 | 212.117.190.201 | 200 OK | 43 B |
URL GET HTTP/2pyknrhm5c.com/chicken.gif?z=2025683&pb=ee275597fdae6f8dc4785cf27148bf7e1715142007&psp=jXMdwXo5Scjr4CHvZ5ZlLYTU1HGofH9ppIUEo965kfCfAo4VVt-Ys0l1LptFEPln-fE2bz75O9xzS214ypw2H3coLVxQQafXLCfFOi4ZTaDECnZ8z3YjhCUSnZDXBnQzdq13hWtTbpsOg7mnthCSugeRRtXS2LoyogO8oP-k_fmly1W53tD84Yr3eaFcJeV9P0g5wgc_K2IWQPEIBs8uzQUpjirViCX2r-z8GxJVIM1KD5kUk6WS6kawQZDl9C6pgdaxDSnYFtQHQytLv3qBTTlN8ZBR-DgY__QjetKSyAxj1chAaX-z2BNjekMNRx1rQqTpk9K8zj3xtYI6fvc_-TPeCF1kyfbG0D-66s5JnsnB95ZzieKIO7o3gwHGHMn2PYjDuY3dO42YpfBBQnTK05NkaemfvZCEEfn2ws9riFBGfliN3DcMShaJ66OgeDZ4AoyY6uq_Cq-8yqW3vJGB46xRZhKOI-iWBJqd2jbICH_aL562DKBh90lIxKyFxS_ABZSb0Xg7T18H7xRojGgadUYujcbd0b_-t4IpuQt4Ih957okBXTAnerylhrsDriUuCIsszIqedD0X7_GeluY17gP_of4iwxovgmd66rrWOrFM7Lm6eW84C330DnWLY0RmPbB7gDXQ18Gj2aGo_h9on43uDvz4kyDQAv2BLvfQ9JIfI5OADy9Gnj3xMV2e6vE=&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7993702422673920&eclog=0&im=1&_=0.8953365739761693 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerBuypass AS-983163327 Subject Fingerprint8C:0B:00:37:E9:46:0D:D7:64:26:AF:BD:4B:AC:9D:E3:CA:27:CD:87 ValidityFri, 03 May 2024 21:32:33 GMT - Tue, 29 Oct 2024 22:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=2025683&pb=ee275597fdae6f8dc4785cf27148bf7e1715142007&psp=jXMdwXo5Scjr4CHvZ5ZlLYTU1HGofH9ppIUEo965kfCfAo4VVt-Ys0l1LptFEPln-fE2bz75O9xzS214ypw2H3coLVxQQafXLCfFOi4ZTaDECnZ8z3YjhCUSnZDXBnQzdq13hWtTbpsOg7mnthCSugeRRtXS2LoyogO8oP-k_fmly1W53tD84Yr3eaFcJeV9P0g5wgc_K2IWQPEIBs8uzQUpjirViCX2r-z8GxJVIM1KD5kUk6WS6kawQZDl9C6pgdaxDSnYFtQHQytLv3qBTTlN8ZBR-DgY__QjetKSyAxj1chAaX-z2BNjekMNRx1rQqTpk9K8zj3xtYI6fvc_-TPeCF1kyfbG0D-66s5JnsnB95ZzieKIO7o3gwHGHMn2PYjDuY3dO42YpfBBQnTK05NkaemfvZCEEfn2ws9riFBGfliN3DcMShaJ66OgeDZ4AoyY6uq_Cq-8yqW3vJGB46xRZhKOI-iWBJqd2jbICH_aL562DKBh90lIxKyFxS_ABZSb0Xg7T18H7xRojGgadUYujcbd0b_-t4IpuQt4Ih957okBXTAnerylhrsDriUuCIsszIqedD0X7_GeluY17gP_of4iwxovgmd66rrWOrFM7Lm6eW84C330DnWLY0RmPbB7gDXQ18Gj2aGo_h9on43uDvz4kyDQAv2BLvfQ9JIfI5OADy9Gnj3xMV2e6vE=&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7993702422673920&eclog=0&im=1&_=0.8953365739761693 HTTP/1.1
Host: pyknrhm5c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: UID=24050721206e057c73ba064a7f800363da70; CHCK=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:20:13 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg | 185.76.9.24 | 200 OK | 19 kB |
URL GET HTTP/2cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg IP185.76.9.24:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectfluidplayer.com Fingerprint46:64:4F:F1:3B:B5:54:D2:21:6F:9B:66:05:DF:D9:AC:7D:3C:8E:D0 ValidityMon, 06 May 2024 08:37:10 GMT - Sun, 04 Aug 2024 08:37:09 GMT
File typeSVG Scalable Vector Graphics image Hash805524b1fa0e091076d7afbf68e31133 ab696de0e85a7ce728cbe9b4131f5f4d528fb788 ad0276c58ec6a9875a2e1d39d972950763aac2e8f6262638d5868402ae2466fd
GET /v3/current/6aef4fee473c54e96ff8.svg HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:06 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:12 GMT
etag: W/"65fc34c0-4880"
expires: Fri, 22 Mar 2024 21:45:09 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3QkAAAAwBuUwKDAH3AAAAAAwBisclxAGzgVEBAA
x-77-nzt-ray: af585630ef0168a356e13a6653aedd36
x-accel-expires: @1715204756
x-accel-date: 1715118356
x-77-cache: HIT
x-77-age: 16450
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 16450
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| js.mbidpp.com/popunder-admanager/build.m.js | 45.133.44.53 | 200 OK | 101 kB |
URL GET HTTP/2js.mbidpp.com/popunder-admanager/build.m.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectjs.mbidpp.com Fingerprint5B:B3:95:84:D0:2B:0C:9A:68:98:53:B0:A4:A5:68:88:B2:A5:5F:82 ValidityThu, 18 Apr 2024 03:01:11 GMT - Wed, 17 Jul 2024 03:01:10 GMT
Size101 kB (100855 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder-admanager/build.m.js HTTP/1.1
Host: js.mbidpp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:09 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 06 May 2024 08:27:28 GMT
etag: W/"66389470-189f7"
content-encoding: gzip
expires: Wed, 08 May 2024 02:25:09 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| storage.multstorage.com/log/count.html | 172.67.174.51 | 200 OK | 882 B |
URL GET HTTP/2storage.multstorage.com/log/count.html IP172.67.174.51:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjectmultstorage.com Fingerprint63:F0:24:29:21:22:E5:42:33:61:B5:20:05:1B:EF:36:81:F5:7B:0A ValiditySun, 17 Mar 2024 08:38:54 GMT - Sat, 15 Jun 2024 08:38:53 GMT
File typeHTML document, ASCII text, with very long lines (919), with no line terminators Hash053b1fe641da8057571d40ebaf1624ab 09b2648b7d08c84621298f0b939cea5170a65022 6606334874a3edb8295831f41d3684433e4553ffe0a72e58c90926e00f39c6a4
GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:09 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: 23ceed896d3a90a5433f88d904b5c539
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BaF7pjXT8s35%2FZtV8%2FmouT8pVPo08KB5dWnutRgB6R8WkNEQWCvalekJOly5n8RBr8CcIF%2BdlT1DDRgoNjdWq4LkSpZnORsVtYAplvxHmlo%2FS3g9Gb3Q%2F56aZ%2FqdW1qGOlh4f3jKF%2F9fyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f80edff0b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:20:10 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i1hFCM8Gb0f6U65v9371r4kw%2FYfvNGzj4KukV4sEfmb7BMtPvhvB0bx7aU270VqLwBk7ShenQUWlk3o0WqO6H2PTtDQ4JWjzqo%2FjvyQbHZsmXIkQ1vB%2FOpnruu1PY6wDPZgQrw7a1wvlIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f8144b46b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/includes/update_visits.php | 172.67.183.69 | 200 OK | 0 B |
URL POST HTTP/3www.amdahost.com/includes/update_visits.php IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /includes/update_visits.php HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 54
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=c7c3a08a8a
Cookie: PHPSESSID=5681521f537ec90e7451a2c5977494af; cf_clearance=g._3Nz0ByrvIXGGQDoqna3wNVaM1lzm0sSWV8Si4zIs-1715134807-1.0.1.1-Qbv4ddqzDoxpEWZ6k5247t0bu73axx1cn33w49S_kdtJza8CNMLnWi5u0ICYA2ow4o99RZvNdGmH09C.lEEWyw; prefetchAd_7446033=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 02:20:28 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OhBJ9Wwo5LXU%2BLS0R8gQx9IxQ%2BIy4vAmMnLU026Fgqujltr92FCyy%2BjXYL5GG4QcTlvsUS0XxZ4ss1NcBJdxm6IxXVZ8R3epYzNssjE1YLJNyBNomZH4XQYDJ0pZCWuiiH5m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f8822c5b56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| mpougdusr.com/get/2020090?zoneid=2020090&jp=_clbizx9zsydclu63bx3o8i&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178952655559168&eclog=0&im=1&freq=0&uf=0 | 212.117.190.201 | 200 OK | 11 kB |
URL GET HTTP/2mpougdusr.com/get/2020090?zoneid=2020090&jp=_clbizx9zsydclu63bx3o8i&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178952655559168&eclog=0&im=1&freq=0&uf=0 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerBuypass AS-983163327 Subject Fingerprint96:80:FC:87:80:4A:3B:59:5A:2E:82:5A:B8:1D:9D:47:78:21:AA:66 ValidityWed, 01 May 2024 14:41:50 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typeASCII text, with very long lines (10579), with no line terminators Hash0624ac5904b6f0d6a5111265ecac0cf8 3bbbb257402f183573b6d9388c13b9909ede549b 0c9543c3c078ddaa643fae780d0379f1ec9db1585387ada4006d01785c04680a
GET /get/2020090?zoneid=2020090&jp=_clbizx9zsydclu63bx3o8i&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178952655559168&eclog=0&im=1&freq=0&uf=0 HTTP/1.1
Host: mpougdusr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:20:07 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Wed, 11 Jun 2025 02:20:07 GMT; Secure; SameSite=None
UID=2405072120d964e35ea4144f41a4777ab073; Path=/; Expires=Wed, 11 Jun 2025 02:20:07 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:20:10 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BRIvYyAcyRxFS4wPo8oVrgSiXZM2ihmZBIe4e4Xe5hZGDQmQDbla0UHQd7Wl%2FjNw%2FWQqcxBvb7uSMQr902XUl5ptQXnQMLIdniD4RQ%2FxIy%2B%2B7Qhn6mDKDxWi0Eu3Hn7XePvoPuG5z4md7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f8140b2bb517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1e7942d985.fff2788093.com/in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3Dc7c3a08a8a&refdom=www.amdahost.com&auction_time=1715134814&subid=1511354673&sid=2590395888&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=9474243627012240951&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253Dc7c3a08a8a%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=333d38b3bc9943d095fc32394c335cca&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DAapwQd-p1gK_ms-3jYuzcXBWd6azQ-_EVzhW-LA9qOfWFVrxPPW7AYN-lVY4Fo4zworvs0r73jKzZY_hoA3pBl24dtHg1cW-PTfZSYpfcQV6xCvP7I8MnbQ9ghxC3frrA4k0rgYVfUz-FTAH-ZTtWobj-bKH_90wDcbUJ1ktN5ohr6USLhGE9EhsiEXQSfDdxSfEDfqUQ7t2W4ad3DkgbeTY9CUZBC70UQCyE4av3V-roKBqNx9Ib55G77Z_eIon__yqDc5UCXPLtMfkTASQcjOcZL4Qn0YODWwuTt05Wv26cIv-_28wnjIAtdP23ACTbFZarTC3kvxBfqiOreLr-o-rxmmjsgi7PVq4abqybl0l6iUoroCwyGo3G4Eo9y0sAd4DH2XmKT0YMBCyO9mgoeh7PHV6EWAHLPZM5fdqoRCOQJ9Sp_TuszUNlOhmVFDnRn8WQhT4IPhuPIBy2i6AAgfLh1dXYCLGOq21GPKBct0y8rqQrdPDOQ_QBWwQTpV_HHjR0WpWjldd5nQkKdvC0cT-wA9cSB7J9lCeJnzs-n1OnqOZtVbgKPbxBCul6-llEYUtAnVO2ryvQGUWENK46TPW4CzSzXLhjFTokwrQf9jNp0ONT5m8StVFbJLUqM5TP-uNOQrXC_GPTrFNrrzFITnE-K6AklN6xWZep5YholNzi2B_zn63F2s0j1jlDNIUgb6yrKe99kAAP3uxDJD2fTT6tHceYhvoInFNtEgN0YCpNpxpOhA_tVjmY3R9b3E837ksFW_RHHhLtUu9ZZRNu-srutfnlT4PefHrrpLM96d1CG2JHAO7fp1H2XcdBlnDk0620rkdsbENx-83a5Yxtfl-Jj2Bc0dNlWnDGvwdSWxroJbNYJDCRnk1EhJc2862ierCAbTzs1bxxsAXVG2egfPBnL0niS9X9TM-eiS8Fmuo_ol82Us2KeO3xRqEiRB3Sv458lBkxfivujicN6okVwoBInhKqFtKadeBvdzMONU3bLQSPjFs8zY73THvhM9C0M80dotY5m46J5LasFqwHgVMUaGKHw1o23wELj9tOf6YRR9BHJHsebKhLdz95RzVuCPzhrL0x_L4UujcHlHLCRBv9Zckcn6HYWuf4RLVRA8qbFUtsfAvhlUpCuD85CJY6CLbfnrth5ck_2cAUgMeX0_kooqo5tYjK7EhpjdNCAuCdE4u7MmUlrNtAL9pcOkE8HOxMv9cK50jBQJZwWfCDWEPvmCNq6yU4NI1Q8Se-6pAQEyyFJz8MauyrhQVS_gyEz6NXy1JVvb8CP9_gpCA7eX06t_zk-c0NREv2BPwmIMfa8ww2A%26bid%3D0.004899363770037027&icons=CwbEgDVPcTlKG1aJrlyw3-yGColhVRC1pC-pGGXmaPNuIecdmX55BJY6N2P97Jn94wl5peofTACA9Tud7Dj7DHLr1ZCORka2JO-BPxNhesUTyxBkZeqMbAf75Q_VAFJH5Qx75Dumit2cb4BMODACjTjkC6YAA9j6FXtIp70WUhex0mnItwsBNzfPuNYcOvsoiR6jlNBsp2L9mqS5Y2q3dcHhb15tj6LGLhRYNlRSCY7lS8Sngw2tqcqL5ywdFi46kF1v5JGFqrPqeVYr1Z5SBQLMM7bFL4vz0ZMEQpbsafRJ2A7bzxer1dVn47SMziIOz9DvQGTXvte7-ygO9BwFBFfHdighistgBfX2PsSDndA1OzGJqtyxOxTA0MehTEqlmmgPrPWUoL-ie87_wfW8d8HzF6NyG36sIM__MMa39Sf5v90XuWhd1XztGraUuj-VC7RASgmBwO3-nsrhsotLN5nsq9UvezdHCCjqHq30AWNhUQ2vRuNHIc5D5hVtEFR5co_-Pg4uWhXRUnc7Hxk8WvqB16-ruEaQcKzchDHSrbpYNNkcNUWuA26-RocCMolruipldlPOiP_r0LAvxuPxXYMgjaqxVvSKspIQfpI4pQqVw1WhcMzsRGQ00qJ2Bc_XIpLnG7QW9ha1DmY7sRsIgVGJpM5nMGn6UgqcOFrPiuxGOiHX0Tk-EeUpBDk-Go896Asl3eYI46ehZ-NCTGRW_gnJf5xPB_Biy8keZnjJqoRjhc-BkkRvfNwTM4SMV_OXCXIM7__SXWrBrUeb5WBvm_uhhgIeqkdulH6ec4XY9CK83kVuG4M4UQa13-e4sGm8pex-8C6j-TufSN0mddxw0_JKX6KeaVui9BwnhvjIw1GSu7lZ6UOT4mELC0gHCLON9Ymy5yV0qSVxiXyrDMNxmZ-LmMfxlZyzoy4S9aUIxzBfTyo5zHPoBYH5mEj1CX7Xh8kcECYpKsjdnq7kV6893CrAhlHhb-BAMMGUcyE6qcyhdLgrocT-M0VMEtKwOf4zW21Y6bL9U_GRVRVlXIfCSRFaJATbxaAKmTQpmFFLA8zto8iCYcn83CME3US9eo6pD_eUk5Kj3oaVTVE2zIHk2en-9FpWo4ZShYBd4MTNza_eZWP-Tk8xjEaI6kauD-mBMbIule-X4vBRcblHOl9yVLDwr4SxVZAujd1sy19EVfOZl9bYesnboYF3prhFfAU2J-SFiai_7bS1S5jaZB4twvcPHZkHFnzj7bm2_-I-dYrHELCPoDgB37ofNhU06qdeJUiqE7zA-gmVuxyi743b8yjxTiKOfzmMVSmfgPr5NdbTC-yFaBwkRHk&ext_cid=224906&px_id=73529500&min_cpm=0.0034945246943458496&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=2839302747906711941&skin_id=72&vertical_id=4&skin_test=0&from_cache=0&ecpm=0.03162566010952003&cpm=0.004899363770037027&verify_hash=329bf3d927dfb26f4ed33a77340da37f&is_native=1&real_bid=0.004857229258435351&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=33,98,130,4,90,5&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=2&expiration_timestamp=1715307614&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777156%2Fconversions%2F3b69WTpe-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-3-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.13&cpa=63bfd966-a705-4e4a-9d3c-1e332c446081&prev_step_diff=693 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/21e7942d985.fff2788093.com/in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3Dc7c3a08a8a&refdom=www.amdahost.com&auction_time=1715134814&subid=1511354673&sid=2590395888&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=9474243627012240951&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253Dc7c3a08a8a%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=333d38b3bc9943d095fc32394c335cca&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DAapwQd-p1gK_ms-3jYuzcXBWd6azQ-_EVzhW-LA9qOfWFVrxPPW7AYN-lVY4Fo4zworvs0r73jKzZY_hoA3pBl24dtHg1cW-PTfZSYpfcQV6xCvP7I8MnbQ9ghxC3frrA4k0rgYVfUz-FTAH-ZTtWobj-bKH_90wDcbUJ1ktN5ohr6USLhGE9EhsiEXQSfDdxSfEDfqUQ7t2W4ad3DkgbeTY9CUZBC70UQCyE4av3V-roKBqNx9Ib55G77Z_eIon__yqDc5UCXPLtMfkTASQcjOcZL4Qn0YODWwuTt05Wv26cIv-_28wnjIAtdP23ACTbFZarTC3kvxBfqiOreLr-o-rxmmjsgi7PVq4abqybl0l6iUoroCwyGo3G4Eo9y0sAd4DH2XmKT0YMBCyO9mgoeh7PHV6EWAHLPZM5fdqoRCOQJ9Sp_TuszUNlOhmVFDnRn8WQhT4IPhuPIBy2i6AAgfLh1dXYCLGOq21GPKBct0y8rqQrdPDOQ_QBWwQTpV_HHjR0WpWjldd5nQkKdvC0cT-wA9cSB7J9lCeJnzs-n1OnqOZtVbgKPbxBCul6-llEYUtAnVO2ryvQGUWENK46TPW4CzSzXLhjFTokwrQf9jNp0ONT5m8StVFbJLUqM5TP-uNOQrXC_GPTrFNrrzFITnE-K6AklN6xWZep5YholNzi2B_zn63F2s0j1jlDNIUgb6yrKe99kAAP3uxDJD2fTT6tHceYhvoInFNtEgN0YCpNpxpOhA_tVjmY3R9b3E837ksFW_RHHhLtUu9ZZRNu-srutfnlT4PefHrrpLM96d1CG2JHAO7fp1H2XcdBlnDk0620rkdsbENx-83a5Yxtfl-Jj2Bc0dNlWnDGvwdSWxroJbNYJDCRnk1EhJc2862ierCAbTzs1bxxsAXVG2egfPBnL0niS9X9TM-eiS8Fmuo_ol82Us2KeO3xRqEiRB3Sv458lBkxfivujicN6okVwoBInhKqFtKadeBvdzMONU3bLQSPjFs8zY73THvhM9C0M80dotY5m46J5LasFqwHgVMUaGKHw1o23wELj9tOf6YRR9BHJHsebKhLdz95RzVuCPzhrL0x_L4UujcHlHLCRBv9Zckcn6HYWuf4RLVRA8qbFUtsfAvhlUpCuD85CJY6CLbfnrth5ck_2cAUgMeX0_kooqo5tYjK7EhpjdNCAuCdE4u7MmUlrNtAL9pcOkE8HOxMv9cK50jBQJZwWfCDWEPvmCNq6yU4NI1Q8Se-6pAQEyyFJz8MauyrhQVS_gyEz6NXy1JVvb8CP9_gpCA7eX06t_zk-c0NREv2BPwmIMfa8ww2A%26bid%3D0.004899363770037027&icons=CwbEgDVPcTlKG1aJrlyw3-yGColhVRC1pC-pGGXmaPNuIecdmX55BJY6N2P97Jn94wl5peofTACA9Tud7Dj7DHLr1ZCORka2JO-BPxNhesUTyxBkZeqMbAf75Q_VAFJH5Qx75Dumit2cb4BMODACjTjkC6YAA9j6FXtIp70WUhex0mnItwsBNzfPuNYcOvsoiR6jlNBsp2L9mqS5Y2q3dcHhb15tj6LGLhRYNlRSCY7lS8Sngw2tqcqL5ywdFi46kF1v5JGFqrPqeVYr1Z5SBQLMM7bFL4vz0ZMEQpbsafRJ2A7bzxer1dVn47SMziIOz9DvQGTXvte7-ygO9BwFBFfHdighistgBfX2PsSDndA1OzGJqtyxOxTA0MehTEqlmmgPrPWUoL-ie87_wfW8d8HzF6NyG36sIM__MMa39Sf5v90XuWhd1XztGraUuj-VC7RASgmBwO3-nsrhsotLN5nsq9UvezdHCCjqHq30AWNhUQ2vRuNHIc5D5hVtEFR5co_-Pg4uWhXRUnc7Hxk8WvqB16-ruEaQcKzchDHSrbpYNNkcNUWuA26-RocCMolruipldlPOiP_r0LAvxuPxXYMgjaqxVvSKspIQfpI4pQqVw1WhcMzsRGQ00qJ2Bc_XIpLnG7QW9ha1DmY7sRsIgVGJpM5nMGn6UgqcOFrPiuxGOiHX0Tk-EeUpBDk-Go896Asl3eYI46ehZ-NCTGRW_gnJf5xPB_Biy8keZnjJqoRjhc-BkkRvfNwTM4SMV_OXCXIM7__SXWrBrUeb5WBvm_uhhgIeqkdulH6ec4XY9CK83kVuG4M4UQa13-e4sGm8pex-8C6j-TufSN0mddxw0_JKX6KeaVui9BwnhvjIw1GSu7lZ6UOT4mELC0gHCLON9Ymy5yV0qSVxiXyrDMNxmZ-LmMfxlZyzoy4S9aUIxzBfTyo5zHPoBYH5mEj1CX7Xh8kcECYpKsjdnq7kV6893CrAhlHhb-BAMMGUcyE6qcyhdLgrocT-M0VMEtKwOf4zW21Y6bL9U_GRVRVlXIfCSRFaJATbxaAKmTQpmFFLA8zto8iCYcn83CME3US9eo6pD_eUk5Kj3oaVTVE2zIHk2en-9FpWo4ZShYBd4MTNza_eZWP-Tk8xjEaI6kauD-mBMbIule-X4vBRcblHOl9yVLDwr4SxVZAujd1sy19EVfOZl9bYesnboYF3prhFfAU2J-SFiai_7bS1S5jaZB4twvcPHZkHFnzj7bm2_-I-dYrHELCPoDgB37ofNhU06qdeJUiqE7zA-gmVuxyi743b8yjxTiKOfzmMVSmfgPr5NdbTC-yFaBwkRHk&ext_cid=224906&px_id=73529500&min_cpm=0.0034945246943458496&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=2839302747906711941&skin_id=72&vertical_id=4&skin_test=0&from_cache=0&ecpm=0.03162566010952003&cpm=0.004899363770037027&verify_hash=329bf3d927dfb26f4ed33a77340da37f&is_native=1&real_bid=0.004857229258435351&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=33,98,130,4,90,5&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=2&expiration_timestamp=1715307614&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777156%2Fconversions%2F3b69WTpe-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-3-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.13&cpa=63bfd966-a705-4e4a-9d3c-1e332c446081&prev_step_diff=693 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectfff2788093.com Fingerprint81:F0:97:8F:8A:B3:D7:C6:23:C1:FC:F8:5A:A0:2A:EB:73:8A:C7:10 ValidityMon, 06 May 2024 12:38:51 GMT - Sun, 04 Aug 2024 12:38:50 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3Dc7c3a08a8a&refdom=www.amdahost.com&auction_time=1715134814&subid=1511354673&sid=2590395888&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=9474243627012240951&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253Dc7c3a08a8a%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=333d38b3bc9943d095fc32394c335cca&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DAapwQd-p1gK_ms-3jYuzcXBWd6azQ-_EVzhW-LA9qOfWFVrxPPW7AYN-lVY4Fo4zworvs0r73jKzZY_hoA3pBl24dtHg1cW-PTfZSYpfcQV6xCvP7I8MnbQ9ghxC3frrA4k0rgYVfUz-FTAH-ZTtWobj-bKH_90wDcbUJ1ktN5ohr6USLhGE9EhsiEXQSfDdxSfEDfqUQ7t2W4ad3DkgbeTY9CUZBC70UQCyE4av3V-roKBqNx9Ib55G77Z_eIon__yqDc5UCXPLtMfkTASQcjOcZL4Qn0YODWwuTt05Wv26cIv-_28wnjIAtdP23ACTbFZarTC3kvxBfqiOreLr-o-rxmmjsgi7PVq4abqybl0l6iUoroCwyGo3G4Eo9y0sAd4DH2XmKT0YMBCyO9mgoeh7PHV6EWAHLPZM5fdqoRCOQJ9Sp_TuszUNlOhmVFDnRn8WQhT4IPhuPIBy2i6AAgfLh1dXYCLGOq21GPKBct0y8rqQrdPDOQ_QBWwQTpV_HHjR0WpWjldd5nQkKdvC0cT-wA9cSB7J9lCeJnzs-n1OnqOZtVbgKPbxBCul6-llEYUtAnVO2ryvQGUWENK46TPW4CzSzXLhjFTokwrQf9jNp0ONT5m8StVFbJLUqM5TP-uNOQrXC_GPTrFNrrzFITnE-K6AklN6xWZep5YholNzi2B_zn63F2s0j1jlDNIUgb6yrKe99kAAP3uxDJD2fTT6tHceYhvoInFNtEgN0YCpNpxpOhA_tVjmY3R9b3E837ksFW_RHHhLtUu9ZZRNu-srutfnlT4PefHrrpLM96d1CG2JHAO7fp1H2XcdBlnDk0620rkdsbENx-83a5Yxtfl-Jj2Bc0dNlWnDGvwdSWxroJbNYJDCRnk1EhJc2862ierCAbTzs1bxxsAXVG2egfPBnL0niS9X9TM-eiS8Fmuo_ol82Us2KeO3xRqEiRB3Sv458lBkxfivujicN6okVwoBInhKqFtKadeBvdzMONU3bLQSPjFs8zY73THvhM9C0M80dotY5m46J5LasFqwHgVMUaGKHw1o23wELj9tOf6YRR9BHJHsebKhLdz95RzVuCPzhrL0x_L4UujcHlHLCRBv9Zckcn6HYWuf4RLVRA8qbFUtsfAvhlUpCuD85CJY6CLbfnrth5ck_2cAUgMeX0_kooqo5tYjK7EhpjdNCAuCdE4u7MmUlrNtAL9pcOkE8HOxMv9cK50jBQJZwWfCDWEPvmCNq6yU4NI1Q8Se-6pAQEyyFJz8MauyrhQVS_gyEz6NXy1JVvb8CP9_gpCA7eX06t_zk-c0NREv2BPwmIMfa8ww2A%26bid%3D0.004899363770037027&icons=CwbEgDVPcTlKG1aJrlyw3-yGColhVRC1pC-pGGXmaPNuIecdmX55BJY6N2P97Jn94wl5peofTACA9Tud7Dj7DHLr1ZCORka2JO-BPxNhesUTyxBkZeqMbAf75Q_VAFJH5Qx75Dumit2cb4BMODACjTjkC6YAA9j6FXtIp70WUhex0mnItwsBNzfPuNYcOvsoiR6jlNBsp2L9mqS5Y2q3dcHhb15tj6LGLhRYNlRSCY7lS8Sngw2tqcqL5ywdFi46kF1v5JGFqrPqeVYr1Z5SBQLMM7bFL4vz0ZMEQpbsafRJ2A7bzxer1dVn47SMziIOz9DvQGTXvte7-ygO9BwFBFfHdighistgBfX2PsSDndA1OzGJqtyxOxTA0MehTEqlmmgPrPWUoL-ie87_wfW8d8HzF6NyG36sIM__MMa39Sf5v90XuWhd1XztGraUuj-VC7RASgmBwO3-nsrhsotLN5nsq9UvezdHCCjqHq30AWNhUQ2vRuNHIc5D5hVtEFR5co_-Pg4uWhXRUnc7Hxk8WvqB16-ruEaQcKzchDHSrbpYNNkcNUWuA26-RocCMolruipldlPOiP_r0LAvxuPxXYMgjaqxVvSKspIQfpI4pQqVw1WhcMzsRGQ00qJ2Bc_XIpLnG7QW9ha1DmY7sRsIgVGJpM5nMGn6UgqcOFrPiuxGOiHX0Tk-EeUpBDk-Go896Asl3eYI46ehZ-NCTGRW_gnJf5xPB_Biy8keZnjJqoRjhc-BkkRvfNwTM4SMV_OXCXIM7__SXWrBrUeb5WBvm_uhhgIeqkdulH6ec4XY9CK83kVuG4M4UQa13-e4sGm8pex-8C6j-TufSN0mddxw0_JKX6KeaVui9BwnhvjIw1GSu7lZ6UOT4mELC0gHCLON9Ymy5yV0qSVxiXyrDMNxmZ-LmMfxlZyzoy4S9aUIxzBfTyo5zHPoBYH5mEj1CX7Xh8kcECYpKsjdnq7kV6893CrAhlHhb-BAMMGUcyE6qcyhdLgrocT-M0VMEtKwOf4zW21Y6bL9U_GRVRVlXIfCSRFaJATbxaAKmTQpmFFLA8zto8iCYcn83CME3US9eo6pD_eUk5Kj3oaVTVE2zIHk2en-9FpWo4ZShYBd4MTNza_eZWP-Tk8xjEaI6kauD-mBMbIule-X4vBRcblHOl9yVLDwr4SxVZAujd1sy19EVfOZl9bYesnboYF3prhFfAU2J-SFiai_7bS1S5jaZB4twvcPHZkHFnzj7bm2_-I-dYrHELCPoDgB37ofNhU06qdeJUiqE7zA-gmVuxyi743b8yjxTiKOfzmMVSmfgPr5NdbTC-yFaBwkRHk&ext_cid=224906&px_id=73529500&min_cpm=0.0034945246943458496&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=2839302747906711941&skin_id=72&vertical_id=4&skin_test=0&from_cache=0&ecpm=0.03162566010952003&cpm=0.004899363770037027&verify_hash=329bf3d927dfb26f4ed33a77340da37f&is_native=1&real_bid=0.004857229258435351&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=33,98,130,4,90,5&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=2&expiration_timestamp=1715307614&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777156%2Fconversions%2F3b69WTpe-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-3-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.13&cpa=63bfd966-a705-4e4a-9d3c-1e332c446081&prev_step_diff=693 HTTP/1.1
Host: 1e7942d985.fff2788093.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 08 May 2024 02:20:15 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| js.mbidadm.com/static/scripts.js | 45.133.44.52 | 200 OK | 1.7 kB |
URL GET HTTP/2js.mbidadm.com/static/scripts.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectjs.mbidadm.com FingerprintCA:45:B3:CA:F7:B8:6E:BC:AD:15:14:54:8B:69:08:1F:93:CC:C1:80 ValidityThu, 18 Apr 2024 03:01:13 GMT - Wed, 17 Jul 2024 03:01:12 GMT
File typeJavaScript source, ASCII text, with very long lines (1884), with no line terminators Hash920f349834adf2faa94a7c6047814e52 34557304112fe9d61f23b8f89ceead6db43b98d4 2ddd6ffb00a0971092562d2c424678425e8496d315e38967a4ca2e26fdcfeafc
GET /static/scripts.js HTTP/1.1
Host: js.mbidadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:06 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 07 May 2024 12:02:54 GMT
etag: W/"663a186e-6c4"
content-encoding: gzip
expires: Wed, 08 May 2024 02:25:06 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Lobster&display=swap | 142.250.74.106 | 200 OK | 1.8 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Lobster&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (1825), with no line terminators Hash785af4cad14c8087afd0b4ca069742ba b81dc83d9ec505a925e3da6bac340491a13460af dc804cd560b63c44aea3659ce684d8b21a4ccbe7180f953716be1e3e1c4f5274
GET /css2?family=Lobster&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 02:20:06 GMT
date: Wed, 08 May 2024 02:20:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| js.mbidadm.com/static/scripts.m.js | 45.133.44.52 | 200 OK | 109 kB |
URL GET HTTP/2js.mbidadm.com/static/scripts.m.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectjs.mbidadm.com FingerprintCA:45:B3:CA:F7:B8:6E:BC:AD:15:14:54:8B:69:08:1F:93:CC:C1:80 ValidityThu, 18 Apr 2024 03:01:13 GMT - Wed, 17 Jul 2024 03:01:12 GMT
Size109 kB (109409 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/scripts.m.js HTTP/1.1
Host: js.mbidadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:20:07 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 07 May 2024 12:02:58 GMT
etag: W/"663a1872-1ab61"
content-encoding: gzip
expires: Wed, 08 May 2024 02:25:07 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Bungee+Spice&display=swap | 142.250.74.106 | 200 OK | 1.3 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Bungee+Spice&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (1310), with no line terminators Hash6ed7e36a675f79912a60041296e6712c 90726391e4efdc836774a463094dbce3f980c761 59214048cf850c5c635c4bd6669db6222a200dd806e8ec2b2e8f504fa0b9393d
GET /css2?family=Bungee+Spice&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 02:20:06 GMT
date: Wed, 08 May 2024 02:20:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pyknrhm5c.com/get/2025683?p=2025683&jp=_cla2x3x88hiogb2imt3yh9&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7993702422673920&eclog=0&im=1&freq=0&uf=0 | 212.117.190.201 | 200 OK | 12 kB |
URL GET HTTP/2pyknrhm5c.com/get/2025683?p=2025683&jp=_cla2x3x88hiogb2imt3yh9&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7993702422673920&eclog=0&im=1&freq=0&uf=0 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerBuypass AS-983163327 Subject Fingerprint8C:0B:00:37:E9:46:0D:D7:64:26:AF:BD:4B:AC:9D:E3:CA:27:CD:87 ValidityFri, 03 May 2024 21:32:33 GMT - Tue, 29 Oct 2024 22:59:00 GMT
File typeASCII text, with very long lines (11569), with no line terminators Hashfaf459db84d09eae33822db0db75d5f5 11679d7fb85e5e76b17c3e5e028607dab2311019 14661a86a03bb9ead278daf4ef17a1c06b9f38c7aad5b46ee10a89a26fd13c43
GET /get/2025683?p=2025683&jp=_cla2x3x88hiogb2imt3yh9&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7993702422673920&eclog=0&im=1&freq=0&uf=0 HTTP/1.1
Host: pyknrhm5c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:20:07 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=24050721206e057c73ba064a7f800363da70; Path=/; Expires=Wed, 11 Jun 2025 02:20:07 GMT; Secure; SameSite=None
CHCK=1; Path=/; Expires=Wed, 11 Jun 2025 02:20:07 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:20:10 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KZZyjBHF%2F7tcstutTIjdlMRUZzXplVFKKL7YSn6MQdqOtMaEHt2jwd4gR9xyU5x54saBSVnrUZ%2FyPN8O6SpdyTHTTfG%2BtzX5hUVXXIGM%2FhSnIjSxrFsyRgBNp7d%2FV9G6T3Rn3%2FRi49pwyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f8172c97b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| pyknrhm5c.com/q/tdl/95/dnt/2025683/kep.js | 212.117.190.201 | 200 OK | 91 kB |
URL GET HTTP/2pyknrhm5c.com/q/tdl/95/dnt/2025683/kep.js IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerBuypass AS-983163327 Subject Fingerprint8C:0B:00:37:E9:46:0D:D7:64:26:AF:BD:4B:AC:9D:E3:CA:27:CD:87 ValidityFri, 03 May 2024 21:32:33 GMT - Tue, 29 Oct 2024 22:59:00 GMT
File typeJavaScript source, ASCII text, with very long lines (65107) Hashe0411427d3a21e45aeedb135ad163c3b fa7604ba1e0c74bb7f8ffb0d229ec10677872813 30e20e87ce0312c597365ca972e0e0bc4470a1ac11b6f6c026d5aa342d6576cd
GET /q/tdl/95/dnt/2025683/kep.js HTTP/1.1
Host: pyknrhm5c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:20:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-164ab"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?userId=008056add9ec4edee58be14e040dc716 | 0.0.0.0 | | 0 B |
URL GET my.rtmark.net/gid.js?userId=008056add9ec4edee58be14e040dc716 IP0.0.0.0:0
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gid.js?userId=008056add9ec4edee58be14e040dc716 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:20:10 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mhR1wWVf1KRCYt8kvVJMQ9bWKIRkQnM0HV8GXskcydlCxYG603F6jYD0H%2BcmaQs1aNpF4yk0tuA0vP8ULZGmR5zvlpGDQ56AkLd9SoKoGFFKQnqQcJjBcIhix7G5Rbl8QmO3fEWevo2TMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f817bcc4b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.tailwindcss.com/ | 104.22.20.144 | 302 Found | 366 kB |
IP104.22.20.144:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerCloudflare, Inc. Subjecttailwindcss.com Fingerprint5F:87:FB:92:D4:93:DA:09:E3:5B:EF:92:CE:2F:47:18:3A:8A:C7:49 ValidityTue, 07 Nov 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT
Size366 kB (365681 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 08 May 2024 02:20:05 GMT
cache-control: max-age=14400
location: /3.4.3
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::2hfjr-1715134083432-6a808a908027
cf-cache-status: HIT
age: 542
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805f7f8296ab4f4-OSL
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Karla&display=swap | 142.250.74.106 | 200 OK | 802 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Karla&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (820), with no line terminators Hash19b781ab6f09786f5d9e86ac26de083d 11ca72183489143542fafe4efb122b11f9b4c1d9 e17e04ca3c38fa955e6789b4818c7c24ffd3a99eae0830a01ca51ed8e968db8a
GET /css2?family=Karla&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 02:20:06 GMT
date: Wed, 08 May 2024 02:20:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/css/root.css | 172.67.183.69 | 200 OK | 3.2 kB |
URL GET HTTP/3www.amdahost.com/css/root.css IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeASCII text, with very long lines (3175), with no line terminators Hashb29e82a0b6fab49b186f1878409b49cf 632d7a94b851c7c879e29825bee06920d7b5cb99 5b7746d8aa2c0a8a908f6a5df646167afb319fc1d2a6ec08d275e195a275afdf
GET /css/root.css HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=c7c3a08a8a
Cookie: PHPSESSID=5681521f537ec90e7451a2c5977494af
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 02:20:05 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=6128
cache-control: public, max-age=604800
etag: W/"17f0-65dd98cc-8c005d;br"
expires: Wed, 15 May 2024 01:35:49 GMT
last-modified: Tue, 27 Feb 2024 08:09:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2656
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o3GMLAtbjkg6p0xFNL2Wv8z5ZlId5R25jhWw31ggwoNgtVCCaGxggHT1Sg1TGLGIzQ0tWicoMUdUu9Oe8EG%2BO%2FNJbXCyTvurNyHiYDXoyn71kQcmhb6TYqDC4kndtSSs3YT2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f7f7ffb556cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Comic+Neue&display=swap | 142.250.74.106 | 200 OK | 420 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Comic+Neue&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=c7c3a08a8a CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (429), with no line terminators Hash75f97bdeb174d8b64c2078ceff6726a3 beb63d63eb0398c4e6f15b6f2ad83c9fd7ef272d 0dd00245b771e2aada55e76fe50ee64c186e9413f70b1fc54da284a2cab024c6
GET /css2?family=Comic+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 02:20:06 GMT
date: Wed, 08 May 2024 02:20:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|