| vjs.zencdn.net/8.10.0/video-js.css | 151.101.194.217 | 200 OK | 13 kB |
URL GET HTTP/2vjs.zencdn.net/8.10.0/video-js.css IP151.101.194.217:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGlobalSign nv-sa Subjectvjs.zencdn.net Fingerprint6B:3F:11:07:D7:05:FD:AF:4D:46:B4:BA:1C:8A:60:70:95:37:35:17 ValidityWed, 06 Mar 2024 21:50:11 GMT - Mon, 07 Apr 2025 21:50:10 GMT
File typeASCII text, with very long lines (7288) Hash27818e70d5704691d9264fe0083c5b08 b4dffd90528e8f63d54ad3a859b749344e6e00ad 92e11fbc7753b5be23fd489ba4e09c0d62d0b8c64e466845b4534934c46c85d6
GET /8.10.0/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 17 Jan 2024 12:53:07 GMT
etag: "27818e70d5704691d9264fe0083c5b08"
x-amz-server-side-encryption: AES256
content-type: text/css
content-encoding: gzip
date: Fri, 26 Apr 2024 02:57:12 GMT
x-served-by: cache-hel1410020-HEL
x-cache: HIT
x-cache-hits: 0
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 12695
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js | 142.250.74.10 | 200 OK | 30 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js IP142.250.74.10:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30462
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 07:18:46 GMT
expires: Wed, 23 Apr 2025 07:18:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 12 Sep 2023 02:38:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 243506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/remixicon@4.0.0/fonts/remixicon.css | 151.101.193.229 | 200 OK | 17 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/remixicon@4.0.0/fonts/remixicon.css IP151.101.193.229:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hash373c68d52e3daa5cd7e1ae058fb6bd70 30a01afb8338555278162655e4a8e7ac57774f35 f53b0f6c14c09b5c263713876dfe7185531a3a424a91d192dfee3c5fa03493dd
GET /npm/remixicon@4.0.0/fonts/remixicon.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.0.0
x-jsd-version-type: version
etag: W/"200b1-MKAa+4M4VVJ4FiZV5KjnrFd3TzU"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 02:57:12 GMT
age: 4232521
x-served-by: cache-fra-etou8220109-FRA, cache-hel1410031-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16743
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/thumbnails/1714009302_a92da7de57f80c21.jpg | 104.21.40.89 | 200 OK | 41 kB |
URL GET HTTP/3www.amdahost.com/thumbnails/1714009302_a92da7de57f80c21.jpg IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 50", baseline, precision 8, 960x540, components 3 Hash344d1f37a9ec0fd15f20f2d60e83b9f4 c6d27784cdb7839d287248193bdbaf7b8669dd04 4850bff98b63ae8ac12c89004ae9456ba78a11e328884eb6bc156a44f052ca51
GET /thumbnails/1714009302_a92da7de57f80c21.jpg HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=eb103ff7c8
Cookie: PHPSESSID=94cc601ca0cafa3561495da4f9b4bbbc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:57:12 GMT
content-type: image/jpeg
content-length: 41243
last-modified: Thu, 25 Apr 2024 01:41:42 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eldhp%2BE3A4I%2FC0lIqB1W%2Fvag9bpyvUlrnZrikmJVVsx%2BknaqbbCvS5JTFZO0sT2XJTRrODfgu281nXDN71Ajc6h43AAmN3wxgRLt6tg4aRrx5KH%2BjRSjElfBxj0W1h5PPTDP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a34dd2ae19b4eb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.21.40.89 | 302 Found | 0 B |
URL GET HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=94cc601ca0cafa3561495da4f9b4bbbc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Fri, 26 Apr 2024 02:57:13 GMT
content-length: 0
cache-control: max-age=300, public
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2BEPFUxm04jLr7WD8HP%2FgERswrpNfZiokArYO0tJAGG5f%2BPfCRKU3lZWzYeRO8bQxiTp5SYBX5b0Gy0tt9plGKTH%2B1HBdaQXpt35t6s6bbU8p%2Fe5REQkS8hxSCZi4eE1So6m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a34dd9c860b4eb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2 | 216.58.207.227 | 200 OK | 13 kB |
URL GET HTTP/2fonts.gstatic.com/s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2 IP216.58.207.227:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 13184, version 1.0 Hash37b12babb3bd0f9d9587cc8ca89a19b9 49cfe5b31144493cec4f21dc63fb2f1051061b45 73351bb42cb7827d0cd08c5d5832140700139b86eb6dd9a49047017924cb3ed0
GET /s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:40:57 GMT
expires: Fri, 25 Apr 2025 02:40:57 GMT
cache-control: public, max-age=31536000
age: 87376
last-modified: Wed, 27 Sep 2023 15:40:27 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ku42hjr2e.com/solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208560016727040&eclog=0&im=1 | 212.117.190.201 | 200 OK | 43 B |
URL POST HTTP/2ku42hjr2e.com/solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208560016727040&eclog=0&im=1 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerBuypass AS-983163327 Subject Fingerprint15:EC:3A:52:11:EC:ED:35:8E:60:38:E6:CC:79:A7:3E:A3:5B:B6:62 ValidityTue, 09 Jan 2024 12:43:23 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208560016727040&eclog=0&im=1 HTTP/1.1
Host: ku42hjr2e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:57:13 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: CHCK=1; Path=/; Expires=Fri, 30 May 2025 02:57:13 GMT; Secure; SameSite=None
UID=24042521571045dffca2dd41f1b07b3f44d3; Path=/; Expires=Fri, 30 May 2025 02:57:13 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Lobster&display=swap | 142.250.74.106 | 200 OK | 990 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Lobster&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typegzip compressed data, max compression Hash635800b44f3346d37bc46563d61cf533 3f9c9cd8276652534e41e9911c2159dd2aae0db4 f376d07988ebac5a24d797dd7ad0e27e734f7de5cb718b9a4756319066766f60
GET /css2?family=Lobster&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 02:57:12 GMT
date: Fri, 26 Apr 2024 02:57:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.fluidplayer.com/v3/current/fluidplayer.min.js | 185.76.9.25 | 200 OK | 56 kB |
URL GET HTTP/2cdn.fluidplayer.com/v3/current/fluidplayer.min.js IP185.76.9.25:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectfluidplayer.com FingerprintCD:21:BA:85:8A:CA:A4:37:0F:0A:BD:F7:50:25:DA:75:9E:D3:FB:76 ValidityMon, 26 Feb 2024 13:51:53 GMT - Sun, 26 May 2024 13:51:52 GMT
File typeJavaScript source, ASCII text, with very long lines (65463) Hash1441000534aee51384da902a603b228c f68d8be38573370a3c0d0eca060870d6a5757ef5 b2e38d4619ecb0cc59c95d61c0a4a86c46f3f25e360ad6397378f0062c75c1dc
GET /v3/current/fluidplayer.min.js HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:12 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:13 GMT
etag: W/"65fc34c1-38ca8"
expires: Fri, 22 Mar 2024 21:42:05 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3uEkAAAwBuUwKDAH3AAAAAAwBJRPCMQH3AAAAAA
x-77-nzt-ray: af585630c6fd485c08182b66f0fec811
x-accel-expires: @1714167760
x-accel-date: 1714081360
x-77-cache: HIT
x-77-age: 18872
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 18872
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| 12ezo5v60.com/bultykh/ipp24/7/bazinga/2020090 | 212.117.190.202 | 200 OK | 54 kB |
URL GET HTTP/212ezo5v60.com/bultykh/ipp24/7/bazinga/2020090 IP212.117.190.202:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerBuypass AS-983163327 Subject FingerprintDB:57:32:8B:71:3B:E2:BC:8C:B1:94:D1:8A:25:4E:EE:A7:BA:C5:59 ValidityTue, 09 Jan 2024 13:35:13 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeJavaScript source, ASCII text, with very long lines (65107) Hash3dfaf38c2289e292cc712a7019b2d145 4ef2d477f159e89f5ce4954eb2a8fdb0a727b323 e40fa397a311e3027f5bf108f54ec3ac18a94ea259c061e49840843010d84994
GET /bultykh/ipp24/7/bazinga/2020090 HTTP/1.1
Host: 12ezo5v60.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:57:12 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-269a3"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Bebas+Neue&display=swap | 142.250.74.106 | 200 OK | 3.4 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Bebas+Neue&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typegzip compressed data, max compression Hash62df6e9d1aa59d33f5ecda51146d3b25 6f4c680fafc00e1e7f91e0c9bf9e457bff047eea fccc6e39e656591912946d769079293060ef7f094d9d0e6528150e198feae9a0
GET /css2?family=Bebas+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 02:57:12 GMT
date: Fri, 26 Apr 2024 02:57:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.pncloudfl.com/pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif | 104.22.59.221 | 200 OK | 143 kB |
URL GET HTTP/2cdn.pncloudfl.com/pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif IP104.22.59.221:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectcdn.pncloudfl.com Fingerprint74:12:B3:16:53:18:34:1F:1C:1F:C7:58:FE:87:06:72:9F:9E:27:E6 ValidityThu, 29 Feb 2024 00:47:39 GMT - Wed, 29 May 2024 00:47:38 GMT
File typeRIFF (little-endian) data, Web/P image Size143 kB (142898 bytes) Hasha3ef7f4652e064704fb9063bd2c44761 f83f6204fcc6dd4d51a6f737641961ca5a7ce1b3 ee156c275bc22e471034353c9756885a303aed35c194098a42e017d07b0d40a8
GET /pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:13 GMT
content-type: image/webp
content-length: 142898
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=367393
content-disposition: inline; filename="60e2ff94b54c66aa2f634b00630b994c2fe7936d.webp"
etag: 9fb78950119432648d8d5fb853c3eba4
expires: Fri, 26 Apr 2024 20:38:36 GMT
last-modified: Tue, 02 May 2023 12:11:05 GMT
vary: Accept
x-openstack-request-id: tx607d5e6bd8c04629a2dab-0064ad512f
x-proxy-cache: HIT
x-timestamp: 1683029464.37580
x-trans-id: tx607d5e6bd8c04629a2dab-0064ad512f
cf-cache-status: HIT
age: 109117
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a34ddd0edab51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/media/apple-touch-icon.png | 104.21.40.89 | 200 OK | 40 kB |
URL GET HTTP/3www.amdahost.com/media/apple-touch-icon.png IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typePNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced Hash3a0b8d799ca52ea360286be206ff8fb3 2dc98f04f62990a7ab58494b8cc4c9d34f88d82b a18a7554000483027f4297e642dd6ffa175ee4028844be6e7888cd31c165972d
GET /media/apple-touch-icon.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=eb103ff7c8
Cookie: PHPSESSID=94cc601ca0cafa3561495da4f9b4bbbc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:57:13 GMT
content-type: image/png
content-length: 40332
last-modified: Sun, 17 Mar 2024 20:29:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5412
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gM1ZIvxMU%2FMgVag%2B5i0Rn4VkIcqEGSRHvb9LUcRZhLrUSoFCa2k4a%2Bw%2FNepRcbzjEnJDIhpUMPFo7Zj%2BIubZT6EMJeptGuPKNSryZhe%2Bs%2FsOeD36vAhM7lMNTv7rdQy%2FOblg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a34dddea38b4eb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| news-galuzo.cc/process.js?id=1222898310&p1=sub1&p2=sub2&p3=sub3&p4=sub4 | 23.158.56.123 | 200 OK | 28 kB |
URL GET HTTP/2news-galuzo.cc/process.js?id=1222898310&p1=sub1&p2=sub2&p3=sub3&p4=sub4 IP23.158.56.123:443 ASN#63023 AS-GLOBALTELEHOST
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subject*.news-galuzo.cc Fingerprint29:96:67:1F:2C:DD:23:45:EA:5F:11:0B:F4:0B:E7:D5:0D:C3:D1:FB ValidityMon, 15 Apr 2024 08:11:44 GMT - Sun, 14 Jul 2024 08:11:43 GMT
Hashf815482ca18f3396749671f968a4cc66 c93ded146b4d78d4ae2cea7485e740d550ca109a 889bd2bf1633f54b542a9e128c34ef64ecf161f8051d8fa3c59bd57f7e373a8c
GET /process.js?id=1222898310&p1=sub1&p2=sub2&p3=sub3&p4=sub4 HTTP/1.1
Host: news-galuzo.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:57:12 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/h/b/jsd/r/87a34dceb862b512 | 104.21.40.89 | 200 OK | 0 B |
URL POST HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/h/b/jsd/r/87a34dceb862b512 IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/challenge-platform/h/b/jsd/r/87a34dceb862b512 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12186
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=eb103ff7c8
Cookie: PHPSESSID=94cc601ca0cafa3561495da4f9b4bbbc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:57:13 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
priority: u=3,i=?0
set-cookie: cf_clearance=mK0IWymUVo6tMqyx59xIi8QrmJAbC4.eU2GY6GMCuUA-1714100233-1.0.1.1-1TjkPMuLu0eqNAjqCs08TC.P4ayrkpdzenIrSL7saw_2V1aIQtx9FLOdfG.c9THLDnL4QfoIrD5dt8Z59775bA; path=/; expires=Sat, 26-Apr-25 02:57:13 GMT; domain=.amdahost.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=roIdN7nCYKLkeVbwFiEl7fIst80T1xBz4h1duyFKmtOdkX6L%2FLSPqAzJhEGpY0Uw9J0Hx6LUD9ucJiNj7l%2Fawz4%2Ff%2BGPzs1F6MgQjDzogvN%2B5uPAQ%2BEiV7I1Vk0BQHeCJGqU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a34dddfa45b4eb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| a.magsrv.com/ad-provider.js | 185.76.9.25 | 200 OK | 43 kB |
URL GET HTTP/2a.magsrv.com/ad-provider.js IP185.76.9.25:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
File typegzip compressed data, from Unix Hash1989d54b6b28cd9c09aaae5f995e8826 102546e8f781495d1d15eb5e18c59a98f8a2a3b1 0fdeaec3924fe80e141bb2e6ba4f94dff4189cc1aea991032029448f9a1e7707
GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:12 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"e85e090c7bd1847e2936d843e14"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Wed, 24 Apr 2024 18:06:10 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3ASgAAAwBuUwKAQH3DwAAAAwBJRPCNAH3BAAAAA
x-77-nzt-ray: af585630a604e55b08182b6678e46e0c
x-accel-expires: @1714100791
x-accel-date: 1714089991
x-77-cache: HIT
x-77-age: 10241
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 10241
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Karla&display=swap | 142.250.74.106 | 200 OK | 7.3 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Karla&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typegzip compressed data, max compression Hash7d1376f79928103da14e70a33a751a09 d2acabbefdb19bc7a61c5f1f432e573c02ec260d d9814fd2ecc584ec3aaa1e5f9b71c420dc8cb0bb867495e29ad36aab16c18894
GET /css2?family=Karla&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 02:57:12 GMT
date: Fri, 26 Apr 2024 02:57:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 6.adsco.re/ | 104.17.167.186 | 200 OK | 0 B |
IP104.17.167.186:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:14 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://www.amdahost.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a34de3dadf568a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 6.adsco.re:2087/ | 104.17.167.186 | 200 OK | 0 B |
IP104.17.167.186:2087
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re:2087
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:14 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://www.amdahost.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a34de3dcd3b51e-OSL
alt-svc: h3=":2087"; ma=86400
X-Firefox-Spdy: h2
|
|
| 4.adsco.re:2087/ | 162.252.214.5 | 200 OK | 62 B |
IP162.252.214.5:2087
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash5b41cb22f84f645a103acc7bfbf084ff bac3967b26d5ec4a0d09a580714e8219796816bd 709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc
GET / HTTP/1.1
Host: 4.adsco.re:2087
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 02:57:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
|
|
| 4.adsco.re/ | 162.252.214.5 | 200 OK | 62 B |
IP162.252.214.5:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash5b41cb22f84f645a103acc7bfbf084ff bac3967b26d5ec4a0d09a580714e8219796816bd 709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 02:57:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
|
|
| 6.adsco.re/ | 104.17.166.186 | 200 OK | 0 B |
IP104.17.166.186:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:57:15 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: *
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a34de5ad84b50c-OSL
alt-svc: h3=":443"; ma=86400
|
|
| adsco.re/p | 162.252.214.5 | 200 OK | 813 B |
IP162.252.214.5:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File typeASCII text, with very long lines (1020), with no line terminators Hashca9f5e8cbe0799d9c39ba8609697ceb3 ff7a749379c7e43cbe6c0cd74dd3d4ee068385dd f1d306c54dc51796663aba938fd4d52eec970c62d55f571c2d2a0b742249ebf8
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1522
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 02:57:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| frhc5krzrmdt.l4.adsco.re/ | 185.200.118.51 | 200 OK | 0 B |
URL POST HTTP/2frhc5krzrmdt.l4.adsco.re/ IP185.200.118.51:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subject*.l4.adsco.re FingerprintB2:51:02:63:F4:E6:E7:3A:98:79:B7:C5:F8:81:EC:E8:79:B9:BC:22 ValidityFri, 19 Apr 2024 09:12:52 GMT - Thu, 18 Jul 2024 09:12:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: frhc5krzrmdt.l4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:15 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 02 Jun 2023 14:03:32 GMT
etag: "6479f6b4-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js | 104.21.40.89 | 200 OK | 12 MB |
URL GET HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeJavaScript source, ASCII text, with very long lines (7861), with no line terminators Size12 MB (11789459 bytes) Hashf4838ef6ec10b1ce741c04517c20668d 62e3363295d437c71203e11ee86a5a8f2da8b548 b3e238e804e5d539a7b2a810c652f55b1aec23d812f5a7a253d86af6e3842048
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=94cc601ca0cafa3561495da4f9b4bbbc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:57:13 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-content-type-options: nosniff
content-encoding: br
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vjHy7Gj%2BTsjUmbdpnTQZCmjFEh5sLbFXBeZoIRIg%2B%2FFFphNpf8IGz00ucXed5bYIc8revYHLeqm8f%2FK9KLifqFi8JhCIddsr5fwrTJsIf655EQZVrvjjoJRSoxfffcW2UWGH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a34ddcb9d7b4eb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/watch.php?id=eb103ff7c8 | 104.21.40.89 | 200 OK | 14 kB |
URL User Request GET HTTP/2www.amdahost.com/watch.php?id=eb103ff7c8 IP104.21.40.89:443
CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeHTML document, ASCII text, with very long lines (12986), with CRLF, LF line terminators Hash76b0cd3e0f365e2d9421963a0e57d90e 03bd23584c290109c1dc44471636a81bc76e8a75 d697e18cf9b88a0b69674ecf23522cc82803081d9d0f9f9363f6c18ee9120900
GET /watch.php?id=eb103ff7c8 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:11 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=94cc601ca0cafa3561495da4f9b4bbbc; path=/; domain=.amdahost.com
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=koTiHlFDqa%2BQniH8iY6NWNn7XdoIAFhkRMgzwVOg46Xg2CHRTPbt5eltueYVBdZQ9%2BdzSNyrtSLX3v6Bao%2FYzWoa9q67cBBzOLqECsUV9Ym%2ByNoXUujbh2zPhVl%2F49yV8k%2FE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a34dceb862b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| frhc5krzrmdt.n4.adsco.re/ | 38.132.109.115 | 200 OK | 0 B |
URL POST HTTP/2frhc5krzrmdt.n4.adsco.re/ IP38.132.109.115:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subject*.n4.adsco.re Fingerprint45:6E:69:F7:75:1D:65:9E:20:3D:CF:CE:8B:F5:36:72:85:BD:76:EC ValidityFri, 19 Apr 2024 09:12:46 GMT - Thu, 18 Jul 2024 09:12:45 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: frhc5krzrmdt.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:15 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 16 Jun 2023 08:37:42 GMT
etag: "648c1f56-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 12ezo5v60.com/chicken.gif?z=2020090&pb=b2e4283363f40cf1d63d6d9291676ceb1714107433&psp=wVbsGAU_D2UELZcz9tPGSOLXVYc_XElW8etZFpa9sapRRbnLEMhSZMHVFkdDyV49PMXi_gXinmpeeHo0oXlbsW9T3lC3Pglk1nhEjAfLtY2bBH7kf57Bu0-t4DnNXte6VqXgMb__0AIPVbfHIRPQHhhAeTBLumfXJRZFk5InYyFhhTtUnG5DTAcJf_b2ZVSadDF4D0XrbqISfcBDtfbpx4Tc-fMezIUU9BYggS0SHzJBUXJy2OvjbVIM3iM6refbPAiR2AWeqESh-K0mNli_x83MBHOPDVBE6YAySJdMLoXr5AAy9PWvd0PNcHpcyrtnJwVuugYdKt5l4RWUtj6mQTTQO2WXZv6Zi6EcoBsHLHIAMsAXYAg-GxyxE3VJ2NuBr_7vZmsQcXwIxaLyIE-V2kvXKfvaVJZFwOZeuhqGB2PDEA8pH6M5NF_x4viEHOkoNes6RjgRhqbbkDu3ZmfUVTyQUdjYjgMDGZhhueD7Ga17PHmYS8UTtBLSKEoBfXylQjs8F12nrws0X8BCgA8nrg0kx5iUXfvFpEknTyf7Qr0aK6mZbXj4owC03R7UjVzkRA5uR4yQluegW4IOIe1XAmbjfUsETm2ngNh0QG8nIpUPIRM3BEL83QVlm8-GHp7yi8koqhGmKHfgNSpvgjj29zkS4GoUTmGriMZ4nX7KE36LDic0Mw9nGwiGk3s0BKVudLREXmNvxcC-WeX-APppmTCuFt0xU1wgDqVa1BJxkWto9UO3U_gOcMOOMW21E217rrvZPWJ7xb23ZbHy5nstT87lsb3Cl7ywRaTfddBNFeU8QxQbydwRmHJa-2EBLHBeGjdS3XtrN54aWZH9FwUaKz6ei18CyfY-0U_AAbHzH3lZ3AnhLFvaYTs9Tx-smfDNet_HY4Q-6z0MXyglX1uri9brhkhFVpZg2YIzozzji0wya9gHKu-gdLRZ3TXLHpVPn7xiIy8WaDT-OplR5IryHb0D2Mnh3TQpqs0U94CpUoO5RVOYnmQLHv0KG6getyGwSCTtE3HRL9STzYf_kiZBP_ee3cnG6_JoCJAi_y3BWwTcZl9ZfkRz9VAsvc4Fbzv2GJFrih3gsCJSAfG5qKKIVcaKdbovTIfSGtJPc7D165RYck8CCdt9kB1bQ5JioK3nywLzrcCOY4tFCRWvE8M5-cOAxoqBSGwbFRoHxOvAEW_O35J8zx2TE8kbf3840c5CrbtCI81baFsQmbh12LxvONJjdJ6msXFRqfmORadv6fPRCIgVsHOqrAUpgOWuEl95dL6qLpjA2yimvp8KWBSTU7Fg79-RRd3yP9bzUUDi-zrFP_lfiGLdXjmYftHpY9YOEnbQZWmx31crOVY-h-spoPajpRFXg7yGCjj92mbdRyre8DaeaFBRt4nDyOWn4XB58zZTZTl3J9Mrpfku9OTc8553Be9ES9erIimlkhUj7-N7za3y0gzinAdUYE4QyPyKV1BGzl5KHUJcYvBcTLO-VhUceC23E8ZUbRBpRAzbpDiGiz76kEv6jA3Nq_J3cD1_OMrVWkR1tM3gx3zk5tm1wxfg9FThPiyy4bPTIrV35QF65Z7uHK3XM38jY4ZbJzOUe08SHLyGdjqu57SMfSzuORDLfb77zWZKHF6uwHYy2sO9EffS7X7Z5xmqH6dTsnf_neP8nWgiTMSG5wUS32-EDCIdsjyzAOI_NybKnS4n-BjAdguupgAqlgYXMZNmN7UayBKTiEsIDn_kt9Hvj9y3RuB_JwUbJk0eCsX8zCRRTOYnKdDplVgUWh3RJQHt0xkhopgfu_ExVYEMdMzUfELdJT1g3GKOP9wGsdzFGI8lBuyvXKHV4jgdsPhKY2uR4YlMn9Z6iPj6m4rEmtYkVPjewcgaN7uFENih65mbtv8GBSSIoseYMRdoeDo0hPex2qYL2LH5uQDTUo7OqmOfqTOzVgNI_SLq2fkIwbO02Af9hEpE17zwsIg1-_ah2W5xB3x2rQXEB_iVP5ojyx5poxaviTvpqZMugvqhCTMmj6U4LJd5wiKwB7tYa0n5mcYrcIbe7LD-JvA09w2WLE8bFofgCuA1vNQP44Xak5rXftoxCgUCXKZIOyoOn_tzapogWDyMXxNjiy8TUQ4HxNLl_DUH0VpKDtOOG-mQz0ycEXbFc3c4nqwEhAzJZeApxa2A8nFl7Id1pSOy7lavWTqP7TLeKxI_NDbeiDbNoIUhtFUWcT7jWj0XphvgVxL6crhcG9MRHDhloi1-GA5RsLf-EPlK1ddlw_HYqZHVunIek8nFNmNn-imGUCRAA0cVt1oxbuOGRq-S6DUrCNSin2CRU3Sz7CLWVlgcdfJQXuct6Iq3XWK95mN6rIfngBLp3CAu1l86TNqFppiF_Y5tHqmYij1Efq7aqhTYfVq1lnKJSDCjZ2iTHSl9LGCI-8QrBCmWmdGALgbCjRO3-Ol1tgwATlMfDotD6l3uDF4juupKSGbVVoIKERvZc1aJup3Qzjbs_KSVhas3L1PwUKtfWpNqolN63KvrE2BG7V9fIDGkLFYGzaNVyLPopQpBsCpBCe1tsKutznDrl_SyP3VTdUd9fKKL1jLZRkf3PtT_QvK516JAWzje8q_ylwXHrkxCkYYimlxEvSeIjxhv9HvwD4on7BCNiph_f6p63Y6Ps8xP1z1oxH8jvimnK-NYvIt4hkH5F24T1AN1hGbULoCUZDGxwqZmxjrlgwy1afnXpZXpstEOLq5Qs6W1qz7RhwUL4MY43wT_Ad5IzPE8veqIOqnDgrkTs4Yw-dWupKV0_unWq78YQMxBcrbcP3q8yGKgYsZb9zuCy5pcMR8OA96dBSME8j_OKI4wt-a7BA2AEu6rZsJmlY0o5X5qq_OrLkX-SYMECN_Cj5TdLzM-1oogyhZAuSgzLH7FUPQAbNovcHfyeJRRQO8qMNndw6tsNPg7sYacz_hQA0puhoJIJsbUAtJ3Cw_Kpu5uVa7etmfJhtRhPrcVpMeirqAuka1Of0KL86-cdgT2bK8TBkeXqyJDlJW1WY6P2rRf5-R7d9PXVvX0pYWhTWyRN-GBK4BEx3m8goqz4E3_MTYkwrFTw317XB7FIRJAUR5XzORaPgvPFmS8bUkj2ZSQH_9vgMJ425hZHPXHbeU4RVy8xJUrtCnRukRYfuiOkPSEWtiW53F1_EMp1lSIKV99BS_kTA56dCHwZiVUXoBUNTD4HLF2u-W3x7eRcY40hTJopL9hfMCpe4057anPSr_zP77OYmRbCEguSnX5KD6FmMF0e9IZ--H4Kch6OWQelMpqWU92xgZPkgNyi0vxgIk3gMiG92NzPKnz1_0SKuZFYa6XlPwgqyVRcuDirsRaVXHTvcytzXq1JzgEZP6P0muOddbqmC-Sjd1fnLModuivkIakCdJC2S_KJsUuiZEUpA5QPvP2t2Xj8_pl2QrN02Cf-Cc5dRJ1Zq7PKAf-f7nOMyhkP-rarCBG0m76l2EUsp-fksN0eyaUIDiai2YImjK95N5VRXi2zWRaFmtKb3Mbe0OtTAulo2UqMW5ZwYR2W18GyFr75pDcBhUIdHumM_XQoi4VbzzLfHUJSfPNYiD5_fxrGTWvtH44gj5d5-dxPK51An0keCTYrZdjkRYUKpM2xOXamuL7nwOLocvpaH9BdgjkHhNK89Xicr1f5BnPmuHzT1d67fSE1twv6VR0Drc99-ob4s2ai4gkqeBAyAa-S512riiIBdHx1XV-HnhPg3D3kq2xvVAktCeKHavF8qCbjf0YFlIe2heRWaefo0NCUMGq_ShTBJiRiN4RW18OI6piePF6eFK7Zzl1X8hwVKZXAjuIogtiZ_9_HxO73WTbYYpe6FNBPqtOylDX9jEGLprNstndlxcPDoRp0W7JLQkQ7OepMyVEpN31sxs5sXxih1cBXI97CXoHekxThbaEOnXVfZTtl8dizGSd&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1801185133193216&eclog=0&im=1 | 212.117.190.202 | 200 OK | 43 B |
URL GET HTTP/212ezo5v60.com/chicken.gif?z=2020090&pb=b2e4283363f40cf1d63d6d9291676ceb1714107433&psp=wVbsGAU_D2UELZcz9tPGSOLXVYc_XElW8etZFpa9sapRRbnLEMhSZMHVFkdDyV49PMXi_gXinmpeeHo0oXlbsW9T3lC3Pglk1nhEjAfLtY2bBH7kf57Bu0-t4DnNXte6VqXgMb__0AIPVbfHIRPQHhhAeTBLumfXJRZFk5InYyFhhTtUnG5DTAcJf_b2ZVSadDF4D0XrbqISfcBDtfbpx4Tc-fMezIUU9BYggS0SHzJBUXJy2OvjbVIM3iM6refbPAiR2AWeqESh-K0mNli_x83MBHOPDVBE6YAySJdMLoXr5AAy9PWvd0PNcHpcyrtnJwVuugYdKt5l4RWUtj6mQTTQO2WXZv6Zi6EcoBsHLHIAMsAXYAg-GxyxE3VJ2NuBr_7vZmsQcXwIxaLyIE-V2kvXKfvaVJZFwOZeuhqGB2PDEA8pH6M5NF_x4viEHOkoNes6RjgRhqbbkDu3ZmfUVTyQUdjYjgMDGZhhueD7Ga17PHmYS8UTtBLSKEoBfXylQjs8F12nrws0X8BCgA8nrg0kx5iUXfvFpEknTyf7Qr0aK6mZbXj4owC03R7UjVzkRA5uR4yQluegW4IOIe1XAmbjfUsETm2ngNh0QG8nIpUPIRM3BEL83QVlm8-GHp7yi8koqhGmKHfgNSpvgjj29zkS4GoUTmGriMZ4nX7KE36LDic0Mw9nGwiGk3s0BKVudLREXmNvxcC-WeX-APppmTCuFt0xU1wgDqVa1BJxkWto9UO3U_gOcMOOMW21E217rrvZPWJ7xb23ZbHy5nstT87lsb3Cl7ywRaTfddBNFeU8QxQbydwRmHJa-2EBLHBeGjdS3XtrN54aWZH9FwUaKz6ei18CyfY-0U_AAbHzH3lZ3AnhLFvaYTs9Tx-smfDNet_HY4Q-6z0MXyglX1uri9brhkhFVpZg2YIzozzji0wya9gHKu-gdLRZ3TXLHpVPn7xiIy8WaDT-OplR5IryHb0D2Mnh3TQpqs0U94CpUoO5RVOYnmQLHv0KG6getyGwSCTtE3HRL9STzYf_kiZBP_ee3cnG6_JoCJAi_y3BWwTcZl9ZfkRz9VAsvc4Fbzv2GJFrih3gsCJSAfG5qKKIVcaKdbovTIfSGtJPc7D165RYck8CCdt9kB1bQ5JioK3nywLzrcCOY4tFCRWvE8M5-cOAxoqBSGwbFRoHxOvAEW_O35J8zx2TE8kbf3840c5CrbtCI81baFsQmbh12LxvONJjdJ6msXFRqfmORadv6fPRCIgVsHOqrAUpgOWuEl95dL6qLpjA2yimvp8KWBSTU7Fg79-RRd3yP9bzUUDi-zrFP_lfiGLdXjmYftHpY9YOEnbQZWmx31crOVY-h-spoPajpRFXg7yGCjj92mbdRyre8DaeaFBRt4nDyOWn4XB58zZTZTl3J9Mrpfku9OTc8553Be9ES9erIimlkhUj7-N7za3y0gzinAdUYE4QyPyKV1BGzl5KHUJcYvBcTLO-VhUceC23E8ZUbRBpRAzbpDiGiz76kEv6jA3Nq_J3cD1_OMrVWkR1tM3gx3zk5tm1wxfg9FThPiyy4bPTIrV35QF65Z7uHK3XM38jY4ZbJzOUe08SHLyGdjqu57SMfSzuORDLfb77zWZKHF6uwHYy2sO9EffS7X7Z5xmqH6dTsnf_neP8nWgiTMSG5wUS32-EDCIdsjyzAOI_NybKnS4n-BjAdguupgAqlgYXMZNmN7UayBKTiEsIDn_kt9Hvj9y3RuB_JwUbJk0eCsX8zCRRTOYnKdDplVgUWh3RJQHt0xkhopgfu_ExVYEMdMzUfELdJT1g3GKOP9wGsdzFGI8lBuyvXKHV4jgdsPhKY2uR4YlMn9Z6iPj6m4rEmtYkVPjewcgaN7uFENih65mbtv8GBSSIoseYMRdoeDo0hPex2qYL2LH5uQDTUo7OqmOfqTOzVgNI_SLq2fkIwbO02Af9hEpE17zwsIg1-_ah2W5xB3x2rQXEB_iVP5ojyx5poxaviTvpqZMugvqhCTMmj6U4LJd5wiKwB7tYa0n5mcYrcIbe7LD-JvA09w2WLE8bFofgCuA1vNQP44Xak5rXftoxCgUCXKZIOyoOn_tzapogWDyMXxNjiy8TUQ4HxNLl_DUH0VpKDtOOG-mQz0ycEXbFc3c4nqwEhAzJZeApxa2A8nFl7Id1pSOy7lavWTqP7TLeKxI_NDbeiDbNoIUhtFUWcT7jWj0XphvgVxL6crhcG9MRHDhloi1-GA5RsLf-EPlK1ddlw_HYqZHVunIek8nFNmNn-imGUCRAA0cVt1oxbuOGRq-S6DUrCNSin2CRU3Sz7CLWVlgcdfJQXuct6Iq3XWK95mN6rIfngBLp3CAu1l86TNqFppiF_Y5tHqmYij1Efq7aqhTYfVq1lnKJSDCjZ2iTHSl9LGCI-8QrBCmWmdGALgbCjRO3-Ol1tgwATlMfDotD6l3uDF4juupKSGbVVoIKERvZc1aJup3Qzjbs_KSVhas3L1PwUKtfWpNqolN63KvrE2BG7V9fIDGkLFYGzaNVyLPopQpBsCpBCe1tsKutznDrl_SyP3VTdUd9fKKL1jLZRkf3PtT_QvK516JAWzje8q_ylwXHrkxCkYYimlxEvSeIjxhv9HvwD4on7BCNiph_f6p63Y6Ps8xP1z1oxH8jvimnK-NYvIt4hkH5F24T1AN1hGbULoCUZDGxwqZmxjrlgwy1afnXpZXpstEOLq5Qs6W1qz7RhwUL4MY43wT_Ad5IzPE8veqIOqnDgrkTs4Yw-dWupKV0_unWq78YQMxBcrbcP3q8yGKgYsZb9zuCy5pcMR8OA96dBSME8j_OKI4wt-a7BA2AEu6rZsJmlY0o5X5qq_OrLkX-SYMECN_Cj5TdLzM-1oogyhZAuSgzLH7FUPQAbNovcHfyeJRRQO8qMNndw6tsNPg7sYacz_hQA0puhoJIJsbUAtJ3Cw_Kpu5uVa7etmfJhtRhPrcVpMeirqAuka1Of0KL86-cdgT2bK8TBkeXqyJDlJW1WY6P2rRf5-R7d9PXVvX0pYWhTWyRN-GBK4BEx3m8goqz4E3_MTYkwrFTw317XB7FIRJAUR5XzORaPgvPFmS8bUkj2ZSQH_9vgMJ425hZHPXHbeU4RVy8xJUrtCnRukRYfuiOkPSEWtiW53F1_EMp1lSIKV99BS_kTA56dCHwZiVUXoBUNTD4HLF2u-W3x7eRcY40hTJopL9hfMCpe4057anPSr_zP77OYmRbCEguSnX5KD6FmMF0e9IZ--H4Kch6OWQelMpqWU92xgZPkgNyi0vxgIk3gMiG92NzPKnz1_0SKuZFYa6XlPwgqyVRcuDirsRaVXHTvcytzXq1JzgEZP6P0muOddbqmC-Sjd1fnLModuivkIakCdJC2S_KJsUuiZEUpA5QPvP2t2Xj8_pl2QrN02Cf-Cc5dRJ1Zq7PKAf-f7nOMyhkP-rarCBG0m76l2EUsp-fksN0eyaUIDiai2YImjK95N5VRXi2zWRaFmtKb3Mbe0OtTAulo2UqMW5ZwYR2W18GyFr75pDcBhUIdHumM_XQoi4VbzzLfHUJSfPNYiD5_fxrGTWvtH44gj5d5-dxPK51An0keCTYrZdjkRYUKpM2xOXamuL7nwOLocvpaH9BdgjkHhNK89Xicr1f5BnPmuHzT1d67fSE1twv6VR0Drc99-ob4s2ai4gkqeBAyAa-S512riiIBdHx1XV-HnhPg3D3kq2xvVAktCeKHavF8qCbjf0YFlIe2heRWaefo0NCUMGq_ShTBJiRiN4RW18OI6piePF6eFK7Zzl1X8hwVKZXAjuIogtiZ_9_HxO73WTbYYpe6FNBPqtOylDX9jEGLprNstndlxcPDoRp0W7JLQkQ7OepMyVEpN31sxs5sXxih1cBXI97CXoHekxThbaEOnXVfZTtl8dizGSd&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1801185133193216&eclog=0&im=1 IP212.117.190.202:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerBuypass AS-983163327 Subject FingerprintDB:57:32:8B:71:3B:E2:BC:8C:B1:94:D1:8A:25:4E:EE:A7:BA:C5:59 ValidityTue, 09 Jan 2024 13:35:13 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=2020090&pb=b2e4283363f40cf1d63d6d9291676ceb1714107433&psp=wVbsGAU_D2UELZcz9tPGSOLXVYc_XElW8etZFpa9sapRRbnLEMhSZMHVFkdDyV49PMXi_gXinmpeeHo0oXlbsW9T3lC3Pglk1nhEjAfLtY2bBH7kf57Bu0-t4DnNXte6VqXgMb__0AIPVbfHIRPQHhhAeTBLumfXJRZFk5InYyFhhTtUnG5DTAcJf_b2ZVSadDF4D0XrbqISfcBDtfbpx4Tc-fMezIUU9BYggS0SHzJBUXJy2OvjbVIM3iM6refbPAiR2AWeqESh-K0mNli_x83MBHOPDVBE6YAySJdMLoXr5AAy9PWvd0PNcHpcyrtnJwVuugYdKt5l4RWUtj6mQTTQO2WXZv6Zi6EcoBsHLHIAMsAXYAg-GxyxE3VJ2NuBr_7vZmsQcXwIxaLyIE-V2kvXKfvaVJZFwOZeuhqGB2PDEA8pH6M5NF_x4viEHOkoNes6RjgRhqbbkDu3ZmfUVTyQUdjYjgMDGZhhueD7Ga17PHmYS8UTtBLSKEoBfXylQjs8F12nrws0X8BCgA8nrg0kx5iUXfvFpEknTyf7Qr0aK6mZbXj4owC03R7UjVzkRA5uR4yQluegW4IOIe1XAmbjfUsETm2ngNh0QG8nIpUPIRM3BEL83QVlm8-GHp7yi8koqhGmKHfgNSpvgjj29zkS4GoUTmGriMZ4nX7KE36LDic0Mw9nGwiGk3s0BKVudLREXmNvxcC-WeX-APppmTCuFt0xU1wgDqVa1BJxkWto9UO3U_gOcMOOMW21E217rrvZPWJ7xb23ZbHy5nstT87lsb3Cl7ywRaTfddBNFeU8QxQbydwRmHJa-2EBLHBeGjdS3XtrN54aWZH9FwUaKz6ei18CyfY-0U_AAbHzH3lZ3AnhLFvaYTs9Tx-smfDNet_HY4Q-6z0MXyglX1uri9brhkhFVpZg2YIzozzji0wya9gHKu-gdLRZ3TXLHpVPn7xiIy8WaDT-OplR5IryHb0D2Mnh3TQpqs0U94CpUoO5RVOYnmQLHv0KG6getyGwSCTtE3HRL9STzYf_kiZBP_ee3cnG6_JoCJAi_y3BWwTcZl9ZfkRz9VAsvc4Fbzv2GJFrih3gsCJSAfG5qKKIVcaKdbovTIfSGtJPc7D165RYck8CCdt9kB1bQ5JioK3nywLzrcCOY4tFCRWvE8M5-cOAxoqBSGwbFRoHxOvAEW_O35J8zx2TE8kbf3840c5CrbtCI81baFsQmbh12LxvONJjdJ6msXFRqfmORadv6fPRCIgVsHOqrAUpgOWuEl95dL6qLpjA2yimvp8KWBSTU7Fg79-RRd3yP9bzUUDi-zrFP_lfiGLdXjmYftHpY9YOEnbQZWmx31crOVY-h-spoPajpRFXg7yGCjj92mbdRyre8DaeaFBRt4nDyOWn4XB58zZTZTl3J9Mrpfku9OTc8553Be9ES9erIimlkhUj7-N7za3y0gzinAdUYE4QyPyKV1BGzl5KHUJcYvBcTLO-VhUceC23E8ZUbRBpRAzbpDiGiz76kEv6jA3Nq_J3cD1_OMrVWkR1tM3gx3zk5tm1wxfg9FThPiyy4bPTIrV35QF65Z7uHK3XM38jY4ZbJzOUe08SHLyGdjqu57SMfSzuORDLfb77zWZKHF6uwHYy2sO9EffS7X7Z5xmqH6dTsnf_neP8nWgiTMSG5wUS32-EDCIdsjyzAOI_NybKnS4n-BjAdguupgAqlgYXMZNmN7UayBKTiEsIDn_kt9Hvj9y3RuB_JwUbJk0eCsX8zCRRTOYnKdDplVgUWh3RJQHt0xkhopgfu_ExVYEMdMzUfELdJT1g3GKOP9wGsdzFGI8lBuyvXKHV4jgdsPhKY2uR4YlMn9Z6iPj6m4rEmtYkVPjewcgaN7uFENih65mbtv8GBSSIoseYMRdoeDo0hPex2qYL2LH5uQDTUo7OqmOfqTOzVgNI_SLq2fkIwbO02Af9hEpE17zwsIg1-_ah2W5xB3x2rQXEB_iVP5ojyx5poxaviTvpqZMugvqhCTMmj6U4LJd5wiKwB7tYa0n5mcYrcIbe7LD-JvA09w2WLE8bFofgCuA1vNQP44Xak5rXftoxCgUCXKZIOyoOn_tzapogWDyMXxNjiy8TUQ4HxNLl_DUH0VpKDtOOG-mQz0ycEXbFc3c4nqwEhAzJZeApxa2A8nFl7Id1pSOy7lavWTqP7TLeKxI_NDbeiDbNoIUhtFUWcT7jWj0XphvgVxL6crhcG9MRHDhloi1-GA5RsLf-EPlK1ddlw_HYqZHVunIek8nFNmNn-imGUCRAA0cVt1oxbuOGRq-S6DUrCNSin2CRU3Sz7CLWVlgcdfJQXuct6Iq3XWK95mN6rIfngBLp3CAu1l86TNqFppiF_Y5tHqmYij1Efq7aqhTYfVq1lnKJSDCjZ2iTHSl9LGCI-8QrBCmWmdGALgbCjRO3-Ol1tgwATlMfDotD6l3uDF4juupKSGbVVoIKERvZc1aJup3Qzjbs_KSVhas3L1PwUKtfWpNqolN63KvrE2BG7V9fIDGkLFYGzaNVyLPopQpBsCpBCe1tsKutznDrl_SyP3VTdUd9fKKL1jLZRkf3PtT_QvK516JAWzje8q_ylwXHrkxCkYYimlxEvSeIjxhv9HvwD4on7BCNiph_f6p63Y6Ps8xP1z1oxH8jvimnK-NYvIt4hkH5F24T1AN1hGbULoCUZDGxwqZmxjrlgwy1afnXpZXpstEOLq5Qs6W1qz7RhwUL4MY43wT_Ad5IzPE8veqIOqnDgrkTs4Yw-dWupKV0_unWq78YQMxBcrbcP3q8yGKgYsZb9zuCy5pcMR8OA96dBSME8j_OKI4wt-a7BA2AEu6rZsJmlY0o5X5qq_OrLkX-SYMECN_Cj5TdLzM-1oogyhZAuSgzLH7FUPQAbNovcHfyeJRRQO8qMNndw6tsNPg7sYacz_hQA0puhoJIJsbUAtJ3Cw_Kpu5uVa7etmfJhtRhPrcVpMeirqAuka1Of0KL86-cdgT2bK8TBkeXqyJDlJW1WY6P2rRf5-R7d9PXVvX0pYWhTWyRN-GBK4BEx3m8goqz4E3_MTYkwrFTw317XB7FIRJAUR5XzORaPgvPFmS8bUkj2ZSQH_9vgMJ425hZHPXHbeU4RVy8xJUrtCnRukRYfuiOkPSEWtiW53F1_EMp1lSIKV99BS_kTA56dCHwZiVUXoBUNTD4HLF2u-W3x7eRcY40hTJopL9hfMCpe4057anPSr_zP77OYmRbCEguSnX5KD6FmMF0e9IZ--H4Kch6OWQelMpqWU92xgZPkgNyi0vxgIk3gMiG92NzPKnz1_0SKuZFYa6XlPwgqyVRcuDirsRaVXHTvcytzXq1JzgEZP6P0muOddbqmC-Sjd1fnLModuivkIakCdJC2S_KJsUuiZEUpA5QPvP2t2Xj8_pl2QrN02Cf-Cc5dRJ1Zq7PKAf-f7nOMyhkP-rarCBG0m76l2EUsp-fksN0eyaUIDiai2YImjK95N5VRXi2zWRaFmtKb3Mbe0OtTAulo2UqMW5ZwYR2W18GyFr75pDcBhUIdHumM_XQoi4VbzzLfHUJSfPNYiD5_fxrGTWvtH44gj5d5-dxPK51An0keCTYrZdjkRYUKpM2xOXamuL7nwOLocvpaH9BdgjkHhNK89Xicr1f5BnPmuHzT1d67fSE1twv6VR0Drc99-ob4s2ai4gkqeBAyAa-S512riiIBdHx1XV-HnhPg3D3kq2xvVAktCeKHavF8qCbjf0YFlIe2heRWaefo0NCUMGq_ShTBJiRiN4RW18OI6piePF6eFK7Zzl1X8hwVKZXAjuIogtiZ_9_HxO73WTbYYpe6FNBPqtOylDX9jEGLprNstndlxcPDoRp0W7JLQkQ7OepMyVEpN31sxs5sXxih1cBXI97CXoHekxThbaEOnXVfZTtl8dizGSd&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1801185133193216&eclog=0&im=1 HTTP/1.1
Host: 12ezo5v60.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=2404252157893a093a80dd4113a745c0d080
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:57:15 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACl2VgAAAAAAAAAB; Path=/; Expires=Sun, 26 May 2024 02:57:15 GMT; Secure; SameSite=None
OACIBLOCK=ACl2VgAAAABmKeNQ; Path=/; Expires=Sun, 26 May 2024 02:57:15 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA11OS05DMRC7Chd4kWcyk0/XrEECcYD0pU9sShdlUSQfnqR8VLAVaTJjW1aoLbBF/U5153knkVVCRTAN4saHxyeasB17ez2d38N6OtKsmAtLxZgo0ChJ6ZrMEugodMm5AKwxFceIEWckBtWj2ZwChu8WzODL8/31yWRmBC7qGJ9ZgwqOJOIyg7aBNWZNNbvvC3qSQ+ue91tLTaRO4d/a+GKA+rzqz2JwmeIoFnWUGwCv63b+eFvJG+Gk/1qn6//1+1LATDGbIlqHpNz2UVZEa4dcLfVVJaWqW0f5BBblDwqGAQAA | 95.211.229.245 | 200 OK | 20 B |
URL GET HTTP/1.1s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA11OS05DMRC7Chd4kWcyk0/XrEECcYD0pU9sShdlUSQfnqR8VLAVaTJjW1aoLbBF/U5153knkVVCRTAN4saHxyeasB17ez2d38N6OtKsmAtLxZgo0ChJ6ZrMEugodMm5AKwxFceIEWckBtWj2ZwChu8WzODL8/31yWRmBC7qGJ9ZgwqOJOIyg7aBNWZNNbvvC3qSQ+ue91tLTaRO4d/a+GKA+rzqz2JwmeIoFnWUGwCv63b+eFvJG+Gk/1qn6//1+1LATDGbIlqHpNz2UVZEa4dcLfVVJaWqW0f5BBblDwqGAQAA IP95.211.229.245:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
File typegzip compressed data, max speed, from Unix Hasha4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA11OS05DMRC7Chd4kWcyk0/XrEECcYD0pU9sShdlUSQfnqR8VLAVaTJjW1aoLbBF/U5153knkVVCRTAN4saHxyeasB17ez2d38N6OtKsmAtLxZgo0ChJ6ZrMEugodMm5AKwxFceIEWckBtWj2ZwChu8WzODL8/31yWRmBC7qGJ9ZgwqOJOIyg7aBNWZNNbvvC3qSQ+ue91tLTaRO4d/a+GKA+rzqz2JwmeIoFnWUGwCv63b+eFvJG+Gk/1qn6//1+1LATDGbIlqHpNz2UVZEa4dcLfVVJaWqW0f5BBblDwqGAQAA HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22662b18096208f3.01225959317901101%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 02:57:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12OQU4DMQxFr8IFZmQ7dpx0zRokEAfIJIzYlC7Kokj/8DitQICfLH3Z/8sWEl1IF7E7kYP5gRMqr5VWlZVN8fD4BGW042hvp/PH2k9HqBY1RqkUCkySOAtMsqoVGEWzeyFCTbkYmYANCRSIJdWpVqLEcMLL8/21OchIRBcxCj0vQwgami4zu0f15JKrm22FRubXNsy3veXGXKfx76d0Y2Vxj618D4JlmhNrkvgninAdt/Pnewd+GSf2E52p/9sbxRE3VKcHvZS2l+Yt7UNpbLltXMx67DsPsS8zcTmPeAEAAA== | 95.211.229.245 | 200 OK | 20 B |
URL GET HTTP/1.1s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12OQU4DMQxFr8IFZmQ7dpx0zRokEAfIJIzYlC7Kokj/8DitQICfLH3Z/8sWEl1IF7E7kYP5gRMqr5VWlZVN8fD4BGW042hvp/PH2k9HqBY1RqkUCkySOAtMsqoVGEWzeyFCTbkYmYANCRSIJdWpVqLEcMLL8/21OchIRBcxCj0vQwgami4zu0f15JKrm22FRubXNsy3veXGXKfx76d0Y2Vxj618D4JlmhNrkvgninAdt/Pnewd+GSf2E52p/9sbxRE3VKcHvZS2l+Yt7UNpbLltXMx67DsPsS8zcTmPeAEAAA== IP95.211.229.245:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
File typegzip compressed data, max speed, from Unix Hasha4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA12OQU4DMQxFr8IFZmQ7dpx0zRokEAfIJIzYlC7Kokj/8DitQICfLH3Z/8sWEl1IF7E7kYP5gRMqr5VWlZVN8fD4BGW042hvp/PH2k9HqBY1RqkUCkySOAtMsqoVGEWzeyFCTbkYmYANCRSIJdWpVqLEcMLL8/21OchIRBcxCj0vQwgami4zu0f15JKrm22FRubXNsy3veXGXKfx76d0Y2Vxj618D4JlmhNrkvgninAdt/Pnewd+GSf2E52p/9sbxRE3VKcHvZS2l+Yt7UNpbLltXMx67DsPsS8zcTmPeAEAAA== HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22662b18096208f3.01225959317901101%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 02:57:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| s3t3d2y8.afcdn.net/images/close-icon-circle.png | 185.76.9.22 | 200 OK | 405 B |
URL GET HTTP/2s3t3d2y8.afcdn.net/images/close-icon-circle.png IP185.76.9.22:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectafcdn.net FingerprintCE:9F:A3:7C:BF:E1:80:9C:11:75:38:23:E8:D2:50:1A:E4:48:37:77 ValidityTue, 27 Feb 2024 16:27:12 GMT - Mon, 27 May 2024 16:27:11 GMT
File typePNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced Hashbc8bf5d1633e548e9a178bf29be30b7b bd290b6eabd73d2c95db053620797503e9178484 94f575abdb5c45476f9c2b62bbe06fbfacce9d25e95796ffcd07680bd7c6c0bb
GET /images/close-icon-circle.png HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:16 GMT
content-type: image/png
content-length: 405
last-modified: Tue, 25 Oct 2022 11:33:38 GMT
etag: "6357c992-195"
expires: Fri, 27 Oct 2023 07:10:07 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBuUwJFAH3h0eLAQ
x-77-nzt-ray: af5856304009f77f0c182b66b9a37924
x-accel-expires: @1719731205
x-accel-date: 1688195205
x-cache: HIT
x-age: 25905031
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 25905031
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/rum? | 104.21.40.89 | 204 No Content | 0 B |
URL POST HTTP/3www.amdahost.com/cdn-cgi/rum? IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1070
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=eb103ff7c8
Cookie: PHPSESSID=94cc601ca0cafa3561495da4f9b4bbbc; cf_clearance=mK0IWymUVo6tMqyx59xIi8QrmJAbC4.eU2GY6GMCuUA-1714100233-1.0.1.1-1TjkPMuLu0eqNAjqCs08TC.P4ayrkpdzenIrSL7saw_2V1aIQtx9FLOdfG.c9THLDnL4QfoIrD5dt8Z59775bA; a=0lTsh8b2bP7w3WT4f0RCRpUJ8mh7XxWD; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BQLyAAAAAAAACZUAAh3wz0S8gxv3dT_56qYHjat5SeSpYytPbgTTIH8N4YRNeYzP9A71asapcma3M0gjjYMMfYAwALQAyOqI6RCf9rBUi6XO6VOEzm9DUXfpUUYTv4S2-42FI7dpAR5UfQTHuKora_r2Rto943RN_Zkzn-VyHBNya6gpizI_xm1-oq3rG4LJxbjO_Cc99iB1QG7AOSMQEy5x3OkYsArrJ9ImqpaEG2hfT1bPnGYsdGnIFRwS1_5H5ykGQv01_Y3CSPS8ITquqSFoFPsLSgd38bq2kPT2BqfoLqBHUsQDEW9Y6FhcpvSXscN7nwsEUKDvEXyumAmIn7eeUT6oCCJl76JzhVK0CQi_-KBYE0u68-Pi-pTnDWzpNcaIBDn6IyJ-dmKA_cf51MiskMzQsfHjmqwv395L4MgJOei4JYAkD7gBLFaDMC2VL04xk2SfDM9T1tu9lQJnbPZjfyvU67BWAwSUodIrwB7VrTPAGeAdNT32VD3wRcrPMCRQGdjR3Oh-4yOokJp4Rkm3slqk3W4iaJvoetNxO9MfxohQu0GarnPIN381Ucii7kFClAHgHJrD6oM3VGL8asByd5HN9arQTgQo2swPY_c_BFbfrthDu6eaNYIJaOo89EWK34smFu9exJPb86KDi_RLE5oRMdkAB5SN5Ao234G7ENZkz1EtWX6EgWMM9EhNHYt6xVr6iZmBOp7ZD7izu8a9mi47g-sq0UD9JoNu9EE1V8DOUQWY9UNnR-3BSC7aTj-ktCBpS-SZATy8cH8yiG26tnTQ1BrH6twLXwtLLEvNg7eNqTD6h5vTmC4Z6fZj2oIkGbfnz7P5w8tkLIuac0Kg2d4yEqzlwv7NmKQxPwrICpaCDphAcDgUZ9nktU2TBKGpLf0P7G0b5oUKgMmARao7Y7j09RBiAPMxU5k_7LxWZCjjCceBM_MrmWWp7Budgw91jA9H6RzIjSnCQZj6kzNAAn_xRPCEcE1AHM0-oC2E5OibUMBkNVEYul-9; zone-cap-5263454=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 26 Apr 2024 02:57:16 GMT
access-control-allow-origin: https://www.amdahost.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87a34def3ff0b4eb-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| s3t3d2y8.afcdn.net/library/438437/765c6def0cb1aae1a08c82c835432d21fec77c7f.webp | 185.76.9.22 | 200 OK | 16 kB |
URL GET HTTP/2s3t3d2y8.afcdn.net/library/438437/765c6def0cb1aae1a08c82c835432d21fec77c7f.webp IP185.76.9.22:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectafcdn.net FingerprintCE:9F:A3:7C:BF:E1:80:9C:11:75:38:23:E8:D2:50:1A:E4:48:37:77 ValidityTue, 27 Feb 2024 16:27:12 GMT - Mon, 27 May 2024 16:27:11 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 720x480, Scaling: [none]x[none], YUV color, decoders should clamp Hash39e28cd0c4a4e20419ef12bc9068843c 765c6def0cb1aae1a08c82c835432d21fec77c7f ccc5a0a297159d3ba529b484e46c415c7a43fb251c5a66a7d4cc32342e5db6f9
GET /library/438437/765c6def0cb1aae1a08c82c835432d21fec77c7f.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:16 GMT
content-type: image/webp
content-length: 15936
last-modified: Fri, 03 Dec 2021 17:22:49 GMT
etag: "61aa5269-3e40"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Sat, 14 Dec 2024 04:55:29 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EwwBuUwJFAH3SK0uAAwBuUwKEwH3f7kUAAwB1GY4EQH3BNVrAA
x-77-nzt-ray: af5856304009f77f0c182b66180b5828
x-accel-expires: @1734152129
x-accel-date: 1711041220
x-77-cache: HIT
x-77-age: 3059016
server: CDN77-Turbo
x-cache: HIT
x-age: 3059016
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| storage.multstorage.com/log/count.html | 172.67.174.51 | 200 OK | 410 B |
URL GET HTTP/2storage.multstorage.com/log/count.html IP172.67.174.51:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectmultstorage.com Fingerprint63:F0:24:29:21:22:E5:42:33:61:B5:20:05:1B:EF:36:81:F5:7B:0A ValiditySun, 17 Mar 2024 08:38:54 GMT - Sat, 15 Jun 2024 08:38:53 GMT
File typeHTML document, ASCII text, with very long lines (700) Hashb728ca9cd183d1b7c3f72116b19b22a3 c1fd73f6b02cf00b8bc60b09cc99495e8494b739 8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:16 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: d0a98c1d81740d7525ed96e18250167c
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2mAG9ZOwcs8TrPuvibjTdlGO6SXv43HzS1IiaqN6FcubRx0rdl1yQGxzrs8Wgxy5KYwRaKS3lGAFlYBeDkFqE7fkOT%2B7NgMyBG3wC7qA8CDrZEVLMveAlgvjqWs2Vr3j6Zyo9WdM3fINPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a34dee7d5c5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 0c0be7a0c2.0ab9f67572.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMDQ0MTcyMDkxNTQwMzQ0NDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNjE4NTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6Mi45MSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== | 45.133.44.52 | 200 OK | 0 B |
URL GET HTTP/20c0be7a0c2.0ab9f67572.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMDQ0MTcyMDkxNTQwMzQ0NDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNjE4NTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6Mi45MSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subject0c0be7a0c2.0ab9f67572.com Fingerprint1E:76:86:5C:33:12:91:B3:DB:48:95:9C:34:E9:19:B7:9C:E5:BE:83 ValidityTue, 23 Apr 2024 04:00:22 GMT - Mon, 22 Jul 2024 04:00:21 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMDQ0MTcyMDkxNTQwMzQ0NDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNjE4NTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6Mi45MSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== HTTP/1.1
Host: 0c0be7a0c2.0ab9f67572.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:16 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=161855 | 157.90.84.242 | 204 No Content | 0 B |
URL OPTIONS HTTP/1.1fp.metricswpsh.com/fp?tag_id=161855 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=161855 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Fri, 26 Apr 2024 02:57:16 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.amdahost.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
|
|
| fp.metricswpsh.com/fp?tag_id=161855 | 157.90.84.242 | 204 No Content | 58 B |
URL OPTIONS HTTP/1.1fp.metricswpsh.com/fp?tag_id=161855 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash201328753d359ed6101fd718f40a0987 92830b97da5731bde623915dbee83f1442cd6d28 ec9c14d29249320bd6e9194a07a354616f9df7f39e4b899460dbe1ad1b686d36
POST /fp?tag_id=161855 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1836
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 26 Apr 2024 02:57:17 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.amdahost.com
Set-Cookie: id=15003908204245753513; Expires=Sat, 26 Apr 2025 02:57:17 GMT; Secure; SameSite=None
Vary: Origin
|
|
| s3t3d2y8.afcdn.net/library/448451/87509dd9c0982731f9ed80f068d37e069dfd50a2.mp4 | 185.76.9.22 | 206 Partial Content | 47 kB |
URL GET HTTP/2s3t3d2y8.afcdn.net/library/448451/87509dd9c0982731f9ed80f068d37e069dfd50a2.mp4 IP185.76.9.22:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectafcdn.net FingerprintCE:9F:A3:7C:BF:E1:80:9C:11:75:38:23:E8:D2:50:1A:E4:48:37:77 ValidityTue, 27 Feb 2024 16:27:12 GMT - Mon, 27 May 2024 16:27:11 GMT
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Hash1900d577f65b6659e244bee550caeba1 87509dd9c0982731f9ed80f068d37e069dfd50a2 001888f493493ead47379f00b38a115df332541502c062ba21b0593ad1eae7f3
GET /library/448451/87509dd9c0982731f9ed80f068d37e069dfd50a2.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
date: Fri, 26 Apr 2024 02:57:17 GMT
content-type: video/mp4
content-length: 46794
last-modified: Fri, 01 Mar 2024 20:06:15 GMT
etag: "65e23537-b6ca"
accept-ch:
expires: Sat, 01 Mar 2025 20:40:01 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EwwBuUwJFAH3m9pIAAwBuUwKEwH3UQAAAAgBJRPCNAGB
x-77-nzt-ray: af5856304009f77f0d182b66dfdb7d28
x-accel-expires: @1740861601
x-77-cache: HIT
x-accel-date: 1709325682
x-77-age: 4774555
server: CDN77-Turbo
x-cache: HIT
x-age: 4774555
x-77-pop: stockholmSE
content-range: bytes 0-46793/46794
X-Firefox-Spdy: h2
|
|
| s3t3d2y8.afcdn.net/library/448451/0859a1522aab8b8d9df300e5bfc12f77649456da.mp4 | 185.76.9.22 | 206 Partial Content | 33 kB |
URL GET HTTP/2s3t3d2y8.afcdn.net/library/448451/0859a1522aab8b8d9df300e5bfc12f77649456da.mp4 IP185.76.9.22:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectafcdn.net FingerprintCE:9F:A3:7C:BF:E1:80:9C:11:75:38:23:E8:D2:50:1A:E4:48:37:77 ValidityTue, 27 Feb 2024 16:27:12 GMT - Mon, 27 May 2024 16:27:11 GMT
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Hash2002cb88486c97f212033bf29860798f 0859a1522aab8b8d9df300e5bfc12f77649456da 446cda0fd72dec72e8c380769be2e4b99f3503a5fb3d17de18562d73ab37e3ea
GET /library/448451/0859a1522aab8b8d9df300e5bfc12f77649456da.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
date: Fri, 26 Apr 2024 02:57:17 GMT
content-type: video/mp4
content-length: 33207
last-modified: Fri, 01 Mar 2024 20:06:15 GMT
etag: "65e23537-81b7"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Sat, 01 Mar 2025 20:41:04 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EwwBuUwJFAH3ktpIAAwBuUwKEwH3GwAAAAgBisclwQGB
x-77-nzt-ray: af5856304009f77f0d182b661e909428
x-accel-expires: @1740861664
x-77-cache: HIT
x-accel-date: 1709325691
x-77-age: 4774546
server: CDN77-Turbo
x-cache: HIT
x-age: 4774546
x-77-pop: stockholmSE
content-range: bytes 0-33206/33207
X-Firefox-Spdy: h2
|
|
| img.cdn.house/i/1/APr_WL9RneO_F7iTSu5YuuMSr59z1_92e5pktZC38CYWvRsqqtJrXWLlsNdFmrMvSzN7SFM5K9AA6AqjjiKDw1mv5zyJUdewltrqS_tULrUYc-ZDB4nuJUjH0kJ_bKQU_FyKo7el5vBt_8QNXazlSTv-TmNfhZV5ksNJ7u_tK7Pw6cHVp-EQFa7BkDVlniDVAowq1q5R | 95.216.14.117 | 200 OK | 4.2 kB |
URL GET HTTP/2img.cdn.house/i/1/APr_WL9RneO_F7iTSu5YuuMSr59z1_92e5pktZC38CYWvRsqqtJrXWLlsNdFmrMvSzN7SFM5K9AA6AqjjiKDw1mv5zyJUdewltrqS_tULrUYc-ZDB4nuJUjH0kJ_bKQU_FyKo7el5vBt_8QNXazlSTv-TmNfhZV5ksNJ7u_tK7Pw6cHVp-EQFa7BkDVlniDVAowq1q5R IP95.216.14.117:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectimg.cdn.house Fingerprint98:AC:05:29:31:CD:6B:03:04:7D:9B:28:08:AA:B1:09:56:1A:CA:30 ValidityThu, 21 Mar 2024 10:50:12 GMT - Wed, 19 Jun 2024 10:50:11 GMT
File typeRIFF (little-endian) data, Web/P image Hashaca41d0e01f328901226b55091dd1ea2 96281ed9dd8828aa46a5c1397c27a1adc6987752 abf6dc2986be814856fb8b45320b3be13c365cec2df6ccb2a74b3a234657c86c
GET /i/1/APr_WL9RneO_F7iTSu5YuuMSr59z1_92e5pktZC38CYWvRsqqtJrXWLlsNdFmrMvSzN7SFM5K9AA6AqjjiKDw1mv5zyJUdewltrqS_tULrUYc-ZDB4nuJUjH0kJ_bKQU_FyKo7el5vBt_8QNXazlSTv-TmNfhZV5ksNJ7u_tK7Pw6cHVp-EQFa7BkDVlniDVAowq1q5R HTTP/1.1
Host: img.cdn.house
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:57:17 GMT
content-type: image/webp
content-length: 4150
last-modified: Sun, 21 Jan 2024 10:29:52 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| frhc5krzrmdt.s4.adsco.re/ | 185.200.116.51 | 200 OK | 0 B |
URL POST HTTP/2frhc5krzrmdt.s4.adsco.re/ IP185.200.116.51:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subject*.s4.adsco.re Fingerprint6C:EA:F6:8F:57:34:25:F9:39:76:98:E0:61:B8:C8:86:AD:CC:68:0A ValidityFri, 19 Apr 2024 09:12:40 GMT - Thu, 18 Jul 2024 09:12:39 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: frhc5krzrmdt.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:17 GMT
content-type: text/html
content-length: 0
last-modified: Tue, 03 Oct 2023 13:29:59 GMT
etag: "651c1757-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| xadsmart.com/qcextihuxcbsee?YOPhoKVt=BQLyAAAAAAAACZUAAh3wz0S8gxv3dT_56qYHjat5SeSpYytPbgTTIH8N4YRNeYzP9A71asapcma3M0gjjYMMfYAwALQAyOqI6RCf9rBUi6XO6VOEzm9DUXfpUUYTv4S2-42FI7dpAR5UfQTHuKora_r2Rto943RN_Zkzn-VyHBNya6gpizI_xm1-oq3rG4LJxbjO_Cc99iB1QG7AOSMQEy5x3OkYsArrJ9ImqpaEG2hfT1bPnGYsdGnIFRwS1_5H5ykGQv01_Y3CSPS8ITquqSFoFPsLSgd38bq2kPT2BqfoLqBHUsQDEW9Y6FhcpvSXscN7nwsEUKDvEXyumAmIn7eeUT6oCCJl76JzhVK0CQi_-KBYE0u68-Pi-pTnDWzpNcaIBDn6IyJ-dmKA_cf51MiskMzQsfHjmqwv395L4MgJOei4JYAkD7gBLFaDMC2VL04xk2SfDM9T1tu9lQJnbPZjfyvU67BWAwSUodIrwB7VrTPAGeAdNT32VD3wRcrPMCRQGdjR3Oh-4yOokJp4Rkm3slqk3W4iaJvoetNxO9MfxohQu0GarnPIN381Ucii7kFClAHgHJrD6oM3VGL8asByd5HN9arQTgQo2swPY_c_BFbfrthDu6eaNYIJaOo89EWK34smFu9exJPb86KDi_RLE5oRMdkAB5SN5Ao234G7ENZkz1EtWX6EgWMM9EhNHYt6xVr6iZmBOp7ZD7izu8a9mi47g-sq0UD9JoNu9EE1V8DOUQWY9UNnR-3BSC7aTj-ktCBpS-SZATy8cH8yiG26tnTQ1BrH6twLXwtLLEvNg7eNqTD6h5vTmC4Z6fZj2oIkGbfnz7P5w8tkLIuac0Kg2d4yEqzlwv7NmKQxPwrICpaCDphAcDgUZ9nktU2TBKGpLf0P7G0b5oUKgMmARao7Y7j09RBiAPMxU5k_7LxWZCjjCceBM_MrmWWp7Budgw91jA9H6RzIjSnCQZj6kzNAAn_xRPCEcE1AHM0-oC2E5OibUMBkNVEYul-9&VjbiyKFO=4&IKHyiYBX=5085941&adZKufBH=0.001&qAFmDbBt=0,0&hXmcJsBp=&UHzxbETs=&s=1280,1024,1,1280,1024,0 | 104.153.197.251 | 200 OK | 44 B |
URL GET HTTP/2xadsmart.com/qcextihuxcbsee?YOPhoKVt=BQLyAAAAAAAACZUAAh3wz0S8gxv3dT_56qYHjat5SeSpYytPbgTTIH8N4YRNeYzP9A71asapcma3M0gjjYMMfYAwALQAyOqI6RCf9rBUi6XO6VOEzm9DUXfpUUYTv4S2-42FI7dpAR5UfQTHuKora_r2Rto943RN_Zkzn-VyHBNya6gpizI_xm1-oq3rG4LJxbjO_Cc99iB1QG7AOSMQEy5x3OkYsArrJ9ImqpaEG2hfT1bPnGYsdGnIFRwS1_5H5ykGQv01_Y3CSPS8ITquqSFoFPsLSgd38bq2kPT2BqfoLqBHUsQDEW9Y6FhcpvSXscN7nwsEUKDvEXyumAmIn7eeUT6oCCJl76JzhVK0CQi_-KBYE0u68-Pi-pTnDWzpNcaIBDn6IyJ-dmKA_cf51MiskMzQsfHjmqwv395L4MgJOei4JYAkD7gBLFaDMC2VL04xk2SfDM9T1tu9lQJnbPZjfyvU67BWAwSUodIrwB7VrTPAGeAdNT32VD3wRcrPMCRQGdjR3Oh-4yOokJp4Rkm3slqk3W4iaJvoetNxO9MfxohQu0GarnPIN381Ucii7kFClAHgHJrD6oM3VGL8asByd5HN9arQTgQo2swPY_c_BFbfrthDu6eaNYIJaOo89EWK34smFu9exJPb86KDi_RLE5oRMdkAB5SN5Ao234G7ENZkz1EtWX6EgWMM9EhNHYt6xVr6iZmBOp7ZD7izu8a9mi47g-sq0UD9JoNu9EE1V8DOUQWY9UNnR-3BSC7aTj-ktCBpS-SZATy8cH8yiG26tnTQ1BrH6twLXwtLLEvNg7eNqTD6h5vTmC4Z6fZj2oIkGbfnz7P5w8tkLIuac0Kg2d4yEqzlwv7NmKQxPwrICpaCDphAcDgUZ9nktU2TBKGpLf0P7G0b5oUKgMmARao7Y7j09RBiAPMxU5k_7LxWZCjjCceBM_MrmWWp7Budgw91jA9H6RzIjSnCQZj6kzNAAn_xRPCEcE1AHM0-oC2E5OibUMBkNVEYul-9&VjbiyKFO=4&IKHyiYBX=5085941&adZKufBH=0.001&qAFmDbBt=0,0&hXmcJsBp=&UHzxbETs=&s=1280,1024,1,1280,1024,0 IP104.153.197.251:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerSectigo Limited Subjectxadsmart.com FingerprintFC:E8:BA:57:31:46:6D:51:70:B5:42:35:6E:CF:97:6F:AF:38:C5:58 ValidityMon, 14 Aug 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hashd5f0a25e4d3522d56d48ce7bc3e518fb 86794caff58f7fee6e684c2ba7195f970a8d6f4c 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /qcextihuxcbsee?YOPhoKVt=BQLyAAAAAAAACZUAAh3wz0S8gxv3dT_56qYHjat5SeSpYytPbgTTIH8N4YRNeYzP9A71asapcma3M0gjjYMMfYAwALQAyOqI6RCf9rBUi6XO6VOEzm9DUXfpUUYTv4S2-42FI7dpAR5UfQTHuKora_r2Rto943RN_Zkzn-VyHBNya6gpizI_xm1-oq3rG4LJxbjO_Cc99iB1QG7AOSMQEy5x3OkYsArrJ9ImqpaEG2hfT1bPnGYsdGnIFRwS1_5H5ykGQv01_Y3CSPS8ITquqSFoFPsLSgd38bq2kPT2BqfoLqBHUsQDEW9Y6FhcpvSXscN7nwsEUKDvEXyumAmIn7eeUT6oCCJl76JzhVK0CQi_-KBYE0u68-Pi-pTnDWzpNcaIBDn6IyJ-dmKA_cf51MiskMzQsfHjmqwv395L4MgJOei4JYAkD7gBLFaDMC2VL04xk2SfDM9T1tu9lQJnbPZjfyvU67BWAwSUodIrwB7VrTPAGeAdNT32VD3wRcrPMCRQGdjR3Oh-4yOokJp4Rkm3slqk3W4iaJvoetNxO9MfxohQu0GarnPIN381Ucii7kFClAHgHJrD6oM3VGL8asByd5HN9arQTgQo2swPY_c_BFbfrthDu6eaNYIJaOo89EWK34smFu9exJPb86KDi_RLE5oRMdkAB5SN5Ao234G7ENZkz1EtWX6EgWMM9EhNHYt6xVr6iZmBOp7ZD7izu8a9mi47g-sq0UD9JoNu9EE1V8DOUQWY9UNnR-3BSC7aTj-ktCBpS-SZATy8cH8yiG26tnTQ1BrH6twLXwtLLEvNg7eNqTD6h5vTmC4Z6fZj2oIkGbfnz7P5w8tkLIuac0Kg2d4yEqzlwv7NmKQxPwrICpaCDphAcDgUZ9nktU2TBKGpLf0P7G0b5oUKgMmARao7Y7j09RBiAPMxU5k_7LxWZCjjCceBM_MrmWWp7Budgw91jA9H6RzIjSnCQZj6kzNAAn_xRPCEcE1AHM0-oC2E5OibUMBkNVEYul-9&VjbiyKFO=4&IKHyiYBX=5085941&adZKufBH=0.001&qAFmDbBt=0,0&hXmcJsBp=&UHzxbETs=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: xadsmart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
popads-node: wb9
access-control-allow-origin: *
asf: 6
cache-control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0
pragma: no-cache
set-cookie: PP_CV=yes; expires=Fri, 26 Apr 2024 03:57:17 GMT; Max-Age=3600
fraudcheck=c4ea24b8a572efa6541df61860e9024d; expires=Sun, 26 May 2024 02:57:17 GMT; Max-Age=2592000; path=/; domain=.popads.net
popads-ec: 5
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Fri, 26 Apr 2024 02:57:18 GMT
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 64.233.162.84 | 302 Found | 0 B |
URL GET HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP64.233.162.84:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectaccounts.google.com Fingerprint24:73:6B:52:47:71:E2:CB:E3:4E:89:44:4B:29:D9:F4:C2:A0:F1:14 ValidityMon, 08 Apr 2024 07:33:55 GMT - Mon, 01 Jul 2024 07:33:54 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:4WsJXyjNVF6gHR1W3ax-n3QgaaW-VQ:_XxI9aleO5rMCbJs; Expires=Sun, 26-Apr-2026 02:57:18 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 02:57:18 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwaVwGTOe9DKTvKTHsgbipD_JRH9OP5fLLPPRkstAG8D7vcvI3hbvJ_aPeOY8NQE-0r9w-i
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
content-security-policy: script-src 'nonce-Kg1j2wEwyMWPVYC_vaVj0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwaVwGTOe9DKTvKTHsgbipD_JRH9OP5fLLPPRkstAG8D7vcvI3hbvJ_aPeOY8NQE-0r9w-i | 64.233.162.84 | 302 Found | 428 B |
URL GET HTTP/2accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwaVwGTOe9DKTvKTHsgbipD_JRH9OP5fLLPPRkstAG8D7vcvI3hbvJ_aPeOY8NQE-0r9w-i IP64.233.162.84:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectaccounts.google.com Fingerprint24:73:6B:52:47:71:E2:CB:E3:4E:89:44:4B:29:D9:F4:C2:A0:F1:14 ValidityMon, 08 Apr 2024 07:33:55 GMT - Mon, 01 Jul 2024 07:33:54 GMT
File typeHTML document, ASCII text, with very long lines (403) Hashac95510e4b52789c0502289435fb9c21 34543a37fd309b44c13fc8a4acfd5f87e88b4bd3 1ac65d164b0d10df425754909c131843eb3fb1079a7c569d2cf5a1727f6acd92
GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwaVwGTOe9DKTvKTHsgbipD_JRH9OP5fLLPPRkstAG8D7vcvI3hbvJ_aPeOY8NQE-0r9w-i HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:iTLPYxxizFMKgdQnXgvtWcfeO9euSg:TxKPAr7t3T---clt;Path=/;Expires=Sun, 26-Apr-2026 02:57:18 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 02:57:18 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwpohUBaRowCwSkWZTfUXMAqWNuVngbYK9WTzuzZ6vrLXQnCkVqj0xe4TUJwH_9ExxnPmX1&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-520012254%3A1714100238151185&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-InViMmfYVCqMnZHrfCQjjw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 428
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/get/ | 94.130.197.240 | 200 OK | 6.4 kB |
IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint53:1A:81:DB:A5:78:D8:1D:93:BF:BA:0F:71:6B:43:8D:3F:33:58:D1 ValidityFri, 01 Mar 2024 09:39:36 GMT - Thu, 30 May 2024 09:39:35 GMT
Hash2b5e570b7179aa0043c819cb02d5de50 f106cd49fb1c5e2276fba45cd69e67331801536f 9c190d202c150537ddcc35c24bad7d0f0b9c7bebc9c4ccb671854886daeacf03
POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1402
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.16.0
date: Fri, 26 Apr 2024 02:57:18 GMT
content-type: application/json
content-length: 6390
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwpohUBaRowCwSkWZTfUXMAqWNuVngbYK9WTzuzZ6vrLXQnCkVqj0xe4TUJwH_9ExxnPmX1&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-520012254%3A1714100238151185&theme=mn&ddm=0 | 64.233.162.84 | 403 Forbidden | 10 kB |
URL GET HTTP/3accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwpohUBaRowCwSkWZTfUXMAqWNuVngbYK9WTzuzZ6vrLXQnCkVqj0xe4TUJwH_9ExxnPmX1&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-520012254%3A1714100238151185&theme=mn&ddm=0 IP64.233.162.84:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1 ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
File typegzip compressed data, max compression Hasha7d5c85182dfc3fc9540ae7e3a7ca06b cca0c47669b014e0120887d19adec4775e06fd0d 2c9270c3c22331bc3f04da8129ef63ef221ca10de7356611af84818793ef0216
GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwpohUBaRowCwSkWZTfUXMAqWNuVngbYK9WTzuzZ6vrLXQnCkVqj0xe4TUJwH_9ExxnPmX1&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-520012254%3A1714100238151185&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 02:57:18 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-FrwExgxkuOfRpUQ0bOg7Xw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 64.233.162.84 | 302 Found | 0 B |
URL GET HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP64.233.162.84:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectaccounts.google.com Fingerprint24:73:6B:52:47:71:E2:CB:E3:4E:89:44:4B:29:D9:F4:C2:A0:F1:14 ValidityMon, 08 Apr 2024 07:33:55 GMT - Mon, 01 Jul 2024 07:33:54 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:h2xEOqdAX25e7y2-8gyMR6-Zms86_g:cFouXuQUeYxVL_LZ; Expires=Sun, 26-Apr-2026 02:57:21 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 02:57:21 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwsALkcEORFrCF7zF2RanjRTPohzWUSjcvW1LMPPZzGf5LyaOMsv4Q3iE4UC4WJ3xK6kZLRKQ
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-6cAf-797X0iFjYTPKUFITQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| nereserv.com/in/dip?site=native-push&wl=1&event_id=8717fb2d-106c-4a60-a335-a743c8d8f23f&subid=1511354673&sid=1874665131&spot_id=529500&created_at=2024-04-26&timezone=0&ver=8.159.0&is_native=1 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/2nereserv.com/in/dip?site=native-push&wl=1&event_id=8717fb2d-106c-4a60-a335-a743c8d8f23f&subid=1511354673&sid=1874665131&spot_id=529500&created_at=2024-04-26&timezone=0&ver=8.159.0&is_native=1 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=8717fb2d-106c-4a60-a335-a743c8d8f23f&subid=1511354673&sid=1874665131&spot_id=529500&created_at=2024-04-26&timezone=0&ver=8.159.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Fri, 26 Apr 2024 02:57:21 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 116f21a281.7fbe2fd8a8.com/in/multy | 94.130.198.6 | 200 OK | 0 B |
URL POST HTTP/2116f21a281.7fbe2fd8a8.com/in/multy IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subject7fbe2fd8a8.com FingerprintD4:8A:8B:7A:EF:BA:99:9B:9C:3A:45:2E:A7:88:D0:9D:CD:84:97:E8 ValidityTue, 23 Apr 2024 03:53:21 GMT - Mon, 22 Jul 2024 03:53:20 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /in/multy HTTP/1.1
Host: 116f21a281.7fbe2fd8a8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.20.1
date: Fri, 26 Apr 2024 02:57:21 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwsALkcEORFrCF7zF2RanjRTPohzWUSjcvW1LMPPZzGf5LyaOMsv4Q3iE4UC4WJ3xK6kZLRKQ | 64.233.162.84 | 302 Found | 423 B |
URL GET HTTP/3accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwsALkcEORFrCF7zF2RanjRTPohzWUSjcvW1LMPPZzGf5LyaOMsv4Q3iE4UC4WJ3xK6kZLRKQ IP64.233.162.84:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1 ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
File typeHTML document, ASCII text, with very long lines (404) Hash240a3309c61e64e8e575153f1c62d3cb 0cc8dbbb7dafc011a37a09e12cec98ab6a8ecbcc ad6ad0e6a6f85afae263aa3c5b657870fb91ca96a6f2cc67457649c099f1cf32
GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwsALkcEORFrCF7zF2RanjRTPohzWUSjcvW1LMPPZzGf5LyaOMsv4Q3iE4UC4WJ3xK6kZLRKQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:boQXs7YmM11YVT5Q-HeMm3GUnH6rlA:TiCD7giI6tSvCyI5;Path=/;Expires=Sun, 26-Apr-2026 02:57:22 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 02:57:22 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQyb21AnjnrqWomFCYKoanMYN93kdzLIarWont0lL9-1ZrrWZmtWuzXzftHnGiwI2QV7QO4V&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2063523361%3A1714100242112996&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-QKGgejYkJovMcl5eC3Xk8A' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 423
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 116f21a281.7fbe2fd8a8.com/in/multy | 94.130.198.6 | 200 OK | 4.3 kB |
URL POST HTTP/2116f21a281.7fbe2fd8a8.com/in/multy IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subject7fbe2fd8a8.com FingerprintD4:8A:8B:7A:EF:BA:99:9B:9C:3A:45:2E:A7:88:D0:9D:CD:84:97:E8 ValidityTue, 23 Apr 2024 03:53:21 GMT - Mon, 22 Jul 2024 03:53:20 GMT
Hash5304ea6bab652193aa9196b3785f6ba0 afc878e21dde40a31646aea8305079975c884d3f 914e34acf1ed178421f5d5e5eeef1e5afe656ce95e0c7b96ed016026d0ec78f8
POST /in/multy HTTP/1.1
Host: 116f21a281.7fbe2fd8a8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2165
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Fri, 26 Apr 2024 02:57:22 GMT
content-type: application/json
content-length: 4293
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQyb21AnjnrqWomFCYKoanMYN93kdzLIarWont0lL9-1ZrrWZmtWuzXzftHnGiwI2QV7QO4V&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2063523361%3A1714100242112996&theme=mn&ddm=0 | 64.233.162.84 | 403 Forbidden | 807 B |
URL GET HTTP/3accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQyb21AnjnrqWomFCYKoanMYN93kdzLIarWont0lL9-1ZrrWZmtWuzXzftHnGiwI2QV7QO4V&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2063523361%3A1714100242112996&theme=mn&ddm=0 IP64.233.162.84:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1 ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (1644), with no line terminators Hashc0497eb036e138e9370ed1215032a097 f025c03c1181c24fb595c21c3bf587c2b807769d a450ccab3e77c64b253fe7d55bf0ea5e3710764f0a3402e61483c17a78e25561
GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQyb21AnjnrqWomFCYKoanMYN93kdzLIarWont0lL9-1ZrrWZmtWuzXzftHnGiwI2QV7QO4V&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2063523361%3A1714100242112996&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 02:57:22 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-_QQFdqSI4b1EFuIoVpPLlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 116f21a281.7fbe2fd8a8.com/in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Deb103ff7c8&refdom=www.amdahost.com&auction_time=1714100242&subid=1511354673&sid=1874665131&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-26&iabcat=IAB25-3&keywords=adult&user_fp=4401471644825250461&score=53.118653920107754&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Deb103ff7c8%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=107563&crtid=2c48922f67f3db239f07842af569ad8e&url=http%3A%2F%2Fargodol.com%2Fie%3Fv%3D4%26c%3DTxPhXt82NXkTvLXckPa5agFG2wPHKltaWIurQkKOmJ0e_uavYu54Y6k8-A60qYtDWMkEZ0mk3B8c39Q5CmKA_4y_sEiHWvw6a7JzmTrsP6EFn76CefTjjlGzisZTKVIOhe-gNdfVpTMVPw8aKELp12W4vdlSqece53v2LZEmgrA_AtvJ589ZF4uZjCy9nLvPh6T73koe4iM3hrU2HGHYFgJUnTa-U5NwlgIpeFsp_Z6dftrDLh_QnFOdAgCme5k56obrpUSQwqsS0TR8h9QOmFzwWOPfapzXZqdChHKR6w0WUb481JWd6TX5YPlez3sDRoJjAoDyUOWwMVqTMq6pRuHtF4whzTGtRapFQf54GPcSuvcuaEnCwFR_f0BxtF7Uy8B5TIjsx1BzX5pw3rn8DC1XONncM4YM5wC5xvVjSBeucPYyW6GcTNOtJZg1viwDsWs7hK_0vth4ap56NM3WcaiXK7acNqLeUtQ6aPuAyA8RHB68eQYA-IAkiuG6zl1Tk8Ttg0hb1KA5zoLxJURSEAP3QYWuHHKJ3HLnb3eLLRU48DAOyNXUVywrV8DmEik_AkR6BKWR&icons=lObmfoTLWFtUHtH3mO0gmoVtRD9aXxZvMoO27hHm-ZCI0wcdj9xbiObbzXv2svewUFuWcmhpIt3hcTgaBNTVOa5fuy7QZfN2wtpchF1m8kdNs4j-mRXGui85eJFq3QH_3llaTs20aI1M7Skb4IOWz7ksrZUnD0_OdCEgehWwsudHhfan5VI9FjuAV0ocJ-f_rijl337LF8AkKzgLxWtpt6_UgNRUPpE3L_GvOxXRWvVPPch01yBr_LwVjg8abV8blmn9eMEy0Kgl21_tHZ3Cw7sdixh6OlQypn6pEuFETOrqVIksWLxkfRRcr7hDTrq3phb_RVxCao8rYrhjLnCvQnw8lJpLcfT0bli3Ap6lnfntC_MPauOgpclxs7tvRjqqdUcGY3HJIje1BWQOFJLUZiOxyEscYrQmdVOGitY_D03qxkCAOMaM_MIGnIM93lxUfWY2SDXpGugJfKNRqge25h1k6VUiz2KTHMdlebADGCZCsqJREYaPcbMeRrwiNFRzJ7HYeWw7uiro6hZPHhZXtzoBnwAgeS6q3-BCiZNWrsuTXavFpP4-dpaV6pObJlkCgXUsOHpM2vgHgRenc-LTD0pn8hm9KuEHP8C-04ltGDCjTEoqC85MvJuiPI87OBrIKIk6kDvUr86KbJuN_99t9QdPV74clq6vKsNsLEz5NI525UT2qEE9L8enk5mJgkSPWXD_XhQ&ext_cid=0&px_id=31529500&min_cpm=0.03434910064644709&out_id=0&campaign_type=mq&aid=291&cid=2928&uniq=&mid=8371771557570143021&skin_id=71&vertical_id=11&skin_test=0&from_cache=0&ecpm=0.10584100489599757&cpm=0&verify_hash=420faf2bd3a4d67124dac3e625fb3b38&is_native=1&real_bid=0.0031286249309778373&original_bid_usd=0.00375&original_bid=0.00375&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=101,4,11,93&need_redirect_show=0&applied_features=main-skins-settings,prod&show_count=1&expiration_timestamp=1714157842&image_url=https%3A%2F%2Fimg.vmmcdn.com%2Fget%2F44563324%2F551815_image.jpg&site=native-push-adult&price=0.00375&hostname=auc-inpage-hz-11-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000037499999999999997&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.15&cpa=3109a82b-736c-485b-a6e8-57e02bfe354d&prev_step_diff=812 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/2116f21a281.7fbe2fd8a8.com/in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Deb103ff7c8&refdom=www.amdahost.com&auction_time=1714100242&subid=1511354673&sid=1874665131&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-26&iabcat=IAB25-3&keywords=adult&user_fp=4401471644825250461&score=53.118653920107754&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Deb103ff7c8%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=107563&crtid=2c48922f67f3db239f07842af569ad8e&url=http%3A%2F%2Fargodol.com%2Fie%3Fv%3D4%26c%3DTxPhXt82NXkTvLXckPa5agFG2wPHKltaWIurQkKOmJ0e_uavYu54Y6k8-A60qYtDWMkEZ0mk3B8c39Q5CmKA_4y_sEiHWvw6a7JzmTrsP6EFn76CefTjjlGzisZTKVIOhe-gNdfVpTMVPw8aKELp12W4vdlSqece53v2LZEmgrA_AtvJ589ZF4uZjCy9nLvPh6T73koe4iM3hrU2HGHYFgJUnTa-U5NwlgIpeFsp_Z6dftrDLh_QnFOdAgCme5k56obrpUSQwqsS0TR8h9QOmFzwWOPfapzXZqdChHKR6w0WUb481JWd6TX5YPlez3sDRoJjAoDyUOWwMVqTMq6pRuHtF4whzTGtRapFQf54GPcSuvcuaEnCwFR_f0BxtF7Uy8B5TIjsx1BzX5pw3rn8DC1XONncM4YM5wC5xvVjSBeucPYyW6GcTNOtJZg1viwDsWs7hK_0vth4ap56NM3WcaiXK7acNqLeUtQ6aPuAyA8RHB68eQYA-IAkiuG6zl1Tk8Ttg0hb1KA5zoLxJURSEAP3QYWuHHKJ3HLnb3eLLRU48DAOyNXUVywrV8DmEik_AkR6BKWR&icons=lObmfoTLWFtUHtH3mO0gmoVtRD9aXxZvMoO27hHm-ZCI0wcdj9xbiObbzXv2svewUFuWcmhpIt3hcTgaBNTVOa5fuy7QZfN2wtpchF1m8kdNs4j-mRXGui85eJFq3QH_3llaTs20aI1M7Skb4IOWz7ksrZUnD0_OdCEgehWwsudHhfan5VI9FjuAV0ocJ-f_rijl337LF8AkKzgLxWtpt6_UgNRUPpE3L_GvOxXRWvVPPch01yBr_LwVjg8abV8blmn9eMEy0Kgl21_tHZ3Cw7sdixh6OlQypn6pEuFETOrqVIksWLxkfRRcr7hDTrq3phb_RVxCao8rYrhjLnCvQnw8lJpLcfT0bli3Ap6lnfntC_MPauOgpclxs7tvRjqqdUcGY3HJIje1BWQOFJLUZiOxyEscYrQmdVOGitY_D03qxkCAOMaM_MIGnIM93lxUfWY2SDXpGugJfKNRqge25h1k6VUiz2KTHMdlebADGCZCsqJREYaPcbMeRrwiNFRzJ7HYeWw7uiro6hZPHhZXtzoBnwAgeS6q3-BCiZNWrsuTXavFpP4-dpaV6pObJlkCgXUsOHpM2vgHgRenc-LTD0pn8hm9KuEHP8C-04ltGDCjTEoqC85MvJuiPI87OBrIKIk6kDvUr86KbJuN_99t9QdPV74clq6vKsNsLEz5NI525UT2qEE9L8enk5mJgkSPWXD_XhQ&ext_cid=0&px_id=31529500&min_cpm=0.03434910064644709&out_id=0&campaign_type=mq&aid=291&cid=2928&uniq=&mid=8371771557570143021&skin_id=71&vertical_id=11&skin_test=0&from_cache=0&ecpm=0.10584100489599757&cpm=0&verify_hash=420faf2bd3a4d67124dac3e625fb3b38&is_native=1&real_bid=0.0031286249309778373&original_bid_usd=0.00375&original_bid=0.00375&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=101,4,11,93&need_redirect_show=0&applied_features=main-skins-settings,prod&show_count=1&expiration_timestamp=1714157842&image_url=https%3A%2F%2Fimg.vmmcdn.com%2Fget%2F44563324%2F551815_image.jpg&site=native-push-adult&price=0.00375&hostname=auc-inpage-hz-11-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000037499999999999997&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.15&cpa=3109a82b-736c-485b-a6e8-57e02bfe354d&prev_step_diff=812 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subject7fbe2fd8a8.com FingerprintD4:8A:8B:7A:EF:BA:99:9B:9C:3A:45:2E:A7:88:D0:9D:CD:84:97:E8 ValidityTue, 23 Apr 2024 03:53:21 GMT - Mon, 22 Jul 2024 03:53:20 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Deb103ff7c8&refdom=www.amdahost.com&auction_time=1714100242&subid=1511354673&sid=1874665131&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-26&iabcat=IAB25-3&keywords=adult&user_fp=4401471644825250461&score=53.118653920107754&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Deb103ff7c8%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=107563&crtid=2c48922f67f3db239f07842af569ad8e&url=http%3A%2F%2Fargodol.com%2Fie%3Fv%3D4%26c%3DTxPhXt82NXkTvLXckPa5agFG2wPHKltaWIurQkKOmJ0e_uavYu54Y6k8-A60qYtDWMkEZ0mk3B8c39Q5CmKA_4y_sEiHWvw6a7JzmTrsP6EFn76CefTjjlGzisZTKVIOhe-gNdfVpTMVPw8aKELp12W4vdlSqece53v2LZEmgrA_AtvJ589ZF4uZjCy9nLvPh6T73koe4iM3hrU2HGHYFgJUnTa-U5NwlgIpeFsp_Z6dftrDLh_QnFOdAgCme5k56obrpUSQwqsS0TR8h9QOmFzwWOPfapzXZqdChHKR6w0WUb481JWd6TX5YPlez3sDRoJjAoDyUOWwMVqTMq6pRuHtF4whzTGtRapFQf54GPcSuvcuaEnCwFR_f0BxtF7Uy8B5TIjsx1BzX5pw3rn8DC1XONncM4YM5wC5xvVjSBeucPYyW6GcTNOtJZg1viwDsWs7hK_0vth4ap56NM3WcaiXK7acNqLeUtQ6aPuAyA8RHB68eQYA-IAkiuG6zl1Tk8Ttg0hb1KA5zoLxJURSEAP3QYWuHHKJ3HLnb3eLLRU48DAOyNXUVywrV8DmEik_AkR6BKWR&icons=lObmfoTLWFtUHtH3mO0gmoVtRD9aXxZvMoO27hHm-ZCI0wcdj9xbiObbzXv2svewUFuWcmhpIt3hcTgaBNTVOa5fuy7QZfN2wtpchF1m8kdNs4j-mRXGui85eJFq3QH_3llaTs20aI1M7Skb4IOWz7ksrZUnD0_OdCEgehWwsudHhfan5VI9FjuAV0ocJ-f_rijl337LF8AkKzgLxWtpt6_UgNRUPpE3L_GvOxXRWvVPPch01yBr_LwVjg8abV8blmn9eMEy0Kgl21_tHZ3Cw7sdixh6OlQypn6pEuFETOrqVIksWLxkfRRcr7hDTrq3phb_RVxCao8rYrhjLnCvQnw8lJpLcfT0bli3Ap6lnfntC_MPauOgpclxs7tvRjqqdUcGY3HJIje1BWQOFJLUZiOxyEscYrQmdVOGitY_D03qxkCAOMaM_MIGnIM93lxUfWY2SDXpGugJfKNRqge25h1k6VUiz2KTHMdlebADGCZCsqJREYaPcbMeRrwiNFRzJ7HYeWw7uiro6hZPHhZXtzoBnwAgeS6q3-BCiZNWrsuTXavFpP4-dpaV6pObJlkCgXUsOHpM2vgHgRenc-LTD0pn8hm9KuEHP8C-04ltGDCjTEoqC85MvJuiPI87OBrIKIk6kDvUr86KbJuN_99t9QdPV74clq6vKsNsLEz5NI525UT2qEE9L8enk5mJgkSPWXD_XhQ&ext_cid=0&px_id=31529500&min_cpm=0.03434910064644709&out_id=0&campaign_type=mq&aid=291&cid=2928&uniq=&mid=8371771557570143021&skin_id=71&vertical_id=11&skin_test=0&from_cache=0&ecpm=0.10584100489599757&cpm=0&verify_hash=420faf2bd3a4d67124dac3e625fb3b38&is_native=1&real_bid=0.0031286249309778373&original_bid_usd=0.00375&original_bid=0.00375&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=101,4,11,93&need_redirect_show=0&applied_features=main-skins-settings,prod&show_count=1&expiration_timestamp=1714157842&image_url=https%3A%2F%2Fimg.vmmcdn.com%2Fget%2F44563324%2F551815_image.jpg&site=native-push-adult&price=0.00375&hostname=auc-inpage-hz-11-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000037499999999999997&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.15&cpa=3109a82b-736c-485b-a6e8-57e02bfe354d&prev_step_diff=812 HTTP/1.1
Host: 116f21a281.7fbe2fd8a8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Fri, 26 Apr 2024 02:57:22 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.15&cpa=cb717879-133c-4e12-840e-8a78978e5ae7&prev_step_diff=812 | 45.133.44.25 | 200 OK | 486 B |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.15&cpa=cb717879-133c-4e12-840e-8a78978e5ae7&prev_step_diff=812 IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hashceeb4e8840c24621c0e0352b42b38a5b 03cbceb0134a39267014595938705e2916580644 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.15&cpa=cb717879-133c-4e12-840e-8a78978e5ae7&prev_step_diff=812 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:22 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Sat, 26 Apr 2025 02:57:22 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp | 45.133.44.25 | 200 OK | 1.1 kB |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp Hash2a11e13b2bd67bb9a6cb347d7c73df13 b85460a33f9b229f42c08a6a94ae433a4d5c32ab 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:22 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Sat, 26 Apr 2025 02:57:22 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| imgsdn.com/ie?v=4&c=IYQJG1EOzfVkPfRmRCbsr_Zz8c0uxDoI1mxLYXYN2ZrhamWMhoQ4dA6HveVZ1avxY2fa-s7ipFpH7ab8BXyM-v2zMwWdixEO_gO3X7wtvuHZU8lNKobYhKONkrCQHUeEk0DJn5M1aASi7T-k6zwmIbLT6pEUzn46cuYhYyxzDRZiC43IZmjcZKMTe9fsD-fO_KxVTTWL9TcE7vUQVAKIAku-SKkRGtP67BXTD2h-Oq_WozWFEqPjKeeJ33PSipdVUghfVgdbYebD3_efdfOPodZh0nYzKanh8ddKb6X4jbWXm7jDmnunwJFS2PZolY031YFDOnBmtIw3_ZdWYyfCIABbkrMrS6Ot7bKYpF3me9heeLsH_3zds9qXz5VrrV8cMZReqgYVSgKSt5g5X-_J9bmjEh5OzVTePF-66grj95mJHXwsztZTaDewRtZn7A==&v1=531&v2=107563&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.15&cpa=0501f940-ea90-4a00-9fbd-478444dfbb83&prev_step_diff=811 | 162.55.246.161 | 301 Moved Permanently | 0 B |
URL GET HTTP/1.1imgsdn.com/ie?v=4&c=IYQJG1EOzfVkPfRmRCbsr_Zz8c0uxDoI1mxLYXYN2ZrhamWMhoQ4dA6HveVZ1avxY2fa-s7ipFpH7ab8BXyM-v2zMwWdixEO_gO3X7wtvuHZU8lNKobYhKONkrCQHUeEk0DJn5M1aASi7T-k6zwmIbLT6pEUzn46cuYhYyxzDRZiC43IZmjcZKMTe9fsD-fO_KxVTTWL9TcE7vUQVAKIAku-SKkRGtP67BXTD2h-Oq_WozWFEqPjKeeJ33PSipdVUghfVgdbYebD3_efdfOPodZh0nYzKanh8ddKb6X4jbWXm7jDmnunwJFS2PZolY031YFDOnBmtIw3_ZdWYyfCIABbkrMrS6Ot7bKYpF3me9heeLsH_3zds9qXz5VrrV8cMZReqgYVSgKSt5g5X-_J9bmjEh5OzVTePF-66grj95mJHXwsztZTaDewRtZn7A==&v1=531&v2=107563&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.15&cpa=0501f940-ea90-4a00-9fbd-478444dfbb83&prev_step_diff=811 IP162.55.246.161:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectnimrute.com FingerprintFE:11:FD:FB:69:FC:E9:22:01:AE:4B:9D:F5:85:C9:1C:FF:4D:44:D4 ValidityMon, 12 Feb 2024 14:13:04 GMT - Sun, 12 May 2024 14:13:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ie?v=4&c=IYQJG1EOzfVkPfRmRCbsr_Zz8c0uxDoI1mxLYXYN2ZrhamWMhoQ4dA6HveVZ1avxY2fa-s7ipFpH7ab8BXyM-v2zMwWdixEO_gO3X7wtvuHZU8lNKobYhKONkrCQHUeEk0DJn5M1aASi7T-k6zwmIbLT6pEUzn46cuYhYyxzDRZiC43IZmjcZKMTe9fsD-fO_KxVTTWL9TcE7vUQVAKIAku-SKkRGtP67BXTD2h-Oq_WozWFEqPjKeeJ33PSipdVUghfVgdbYebD3_efdfOPodZh0nYzKanh8ddKb6X4jbWXm7jDmnunwJFS2PZolY031YFDOnBmtIw3_ZdWYyfCIABbkrMrS6Ot7bKYpF3me9heeLsH_3zds9qXz5VrrV8cMZReqgYVSgKSt5g5X-_J9bmjEh5OzVTePF-66grj95mJHXwsztZTaDewRtZn7A==&v1=531&v2=107563&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.15&cpa=0501f940-ea90-4a00-9fbd-478444dfbb83&prev_step_diff=811 HTTP/1.1
Host: imgsdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Fri, 26 Apr 2024 02:57:22 GMT
content-length: 0
location: https://img.vmmcdn.com/get/31532110/551815_icon.png
x-app-id: 11
|
|
| img.vmmcdn.com/get/44563324/551815_image.jpg | 46.4.121.113 | 200 OK | 12 kB |
URL GET HTTP/2img.vmmcdn.com/get/44563324/551815_image.jpg IP46.4.121.113:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectimg.vmmcdn.com Fingerprint35:E7:50:83:81:F0:56:72:43:78:A5:4D:BF:00:F7:2C:AD:25:0F:C4 ValiditySat, 13 Apr 2024 08:24:46 GMT - Fri, 12 Jul 2024 08:24:45 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 720x480, components 3 Hashee921bcd225785444d8ab128ca1d0941 e92f5588c738df6912e3658d883aeb66b486560b 4da4a312766a4b2e3cb69b5d7188a4b073e757ae350687ac22b3dfa81fccf15c
GET /get/44563324/551815_image.jpg HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.14.1
date: Fri, 26 Apr 2024 02:57:22 GMT
content-type: image/jpeg
content-length: 12075
last-modified: Wed, 27 Mar 2024 08:33:26 GMT
cache-control: public, max-age=604800
etag: "6603d9d6-2f2b"
x-proxy-cache: HIT
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: x-requested-with
access-control-allow-headers: x-requested-with
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| img.vmmcdn.com/get/31532110/551815_icon.png | 46.4.121.113 | 200 OK | 13 kB |
URL GET HTTP/2img.vmmcdn.com/get/31532110/551815_icon.png IP46.4.121.113:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectimg.vmmcdn.com Fingerprint35:E7:50:83:81:F0:56:72:43:78:A5:4D:BF:00:F7:2C:AD:25:0F:C4 ValiditySat, 13 Apr 2024 08:24:46 GMT - Fri, 12 Jul 2024 08:24:45 GMT
File typePNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced Hashd33d90c506dc28ad22627e5bb03234f0 2ab58d0b5c7ba191391bdc5f9ac011276f0aa281 87ca14c510fabadfcdde2e1bf5211f364d6f441aa156fb0c3426318d6d33cc4f
GET /get/31532110/551815_icon.png HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.1
date: Fri, 26 Apr 2024 02:57:22 GMT
content-type: image/png
content-length: 12875
last-modified: Wed, 27 Mar 2024 08:33:26 GMT
cache-control: public, max-age=604800
etag: "6603d9d6-324b"
x-proxy-cache: HIT
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: x-requested-with
access-control-allow-headers: x-requested-with
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/css/root.css | 104.21.40.89 | 200 OK | 10 kB |
URL GET HTTP/3www.amdahost.com/css/root.css IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeASCII text, with very long lines (3175), with no line terminators Hashb29e82a0b6fab49b186f1878409b49cf 632d7a94b851c7c879e29825bee06920d7b5cb99 5b7746d8aa2c0a8a908f6a5df646167afb319fc1d2a6ec08d275e195a275afdf
GET /css/root.css HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=eb103ff7c8
Cookie: PHPSESSID=94cc601ca0cafa3561495da4f9b4bbbc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:57:12 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=6128
last-modified: Tue, 27 Feb 2024 08:09:48 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5026
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fnZcrY0oJhSIwVCwBig7qGl7QR0TlCNq9mVxcl%2FWVCD1Arbhacaf0Xja3eR1IBGpZms1y5bdddPooBdLlfkylsem%2BlFg%2F07tdP5izffANhqAmOu5rtSl13%2F4nF%2FXwLUtqTPo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a34dd29e14b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/cdn-cgi/rum? | 104.21.40.89 | 204 No Content | 0 B |
URL POST HTTP/3www.amdahost.com/cdn-cgi/rum? IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 492
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=eb103ff7c8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 204 No Content
date: Fri, 26 Apr 2024 02:57:37 GMT
access-control-allow-origin: https://www.amdahost.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87a34e742d42b4eb-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA11OO04DMRC9ChfY1fxtp6YGCcQBvN61aEKKpAjSHJ6x0wDzZGk0fj8CkgVkIX0iOmk6IXvBtcAqtKKKv7y+uaDX814/L9fb2i5nF87CyXMBkewIxGjkSsYSCoXsploggxfLZIbmqM4OAVIWGdsKwUvgH+/P82FAyBPBXUKJM9kJXGKH+9D2mMaJrCTVLcNueNRd09arVcQyiH+bhg9AdAgfZBmpiKzBo1nmgWXIGIUpmsWAz3O9fn8191/EAZ3S8ICZ9v/7ARlVUGRwvOdWD2iWO/WjFNs33sWsH1JJt95/AGEDbWSDAQAA | 95.211.229.245 | 200 OK | 0 B |
URL GET HTTP/1.1s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA11OO04DMRC9ChfY1fxtp6YGCcQBvN61aEKKpAjSHJ6x0wDzZGk0fj8CkgVkIX0iOmk6IXvBtcAqtKKKv7y+uaDX814/L9fb2i5nF87CyXMBkewIxGjkSsYSCoXsploggxfLZIbmqM4OAVIWGdsKwUvgH+/P82FAyBPBXUKJM9kJXGKH+9D2mMaJrCTVLcNueNRd09arVcQyiH+bhg9AdAgfZBmpiKzBo1nmgWXIGIUpmsWAz3O9fn8191/EAZ3S8ICZ9v/7ARlVUGRwvOdWD2iWO/WjFNs33sWsH1JJt95/AGEDbWSDAQAA IP95.211.229.245:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cimp.php?t=api&data=H4sIAAAAAAAAA11OO04DMRC9ChfY1fxtp6YGCcQBvN61aEKKpAjSHJ6x0wDzZGk0fj8CkgVkIX0iOmk6IXvBtcAqtKKKv7y+uaDX814/L9fb2i5nF87CyXMBkewIxGjkSsYSCoXsploggxfLZIbmqM4OAVIWGdsKwUvgH+/P82FAyBPBXUKJM9kJXGKH+9D2mMaJrCTVLcNueNRd09arVcQyiH+bhg9AdAgfZBmpiKzBo1nmgWXIGIUpmsWAz3O9fn8191/EAZ3S8ICZ9v/7ARlVUGRwvOdWD2iWO/WjFNs33sWsH1JJt95/AGEDbWSDAQAA HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22662b18096208f3.01225959317901101%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 02:57:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| s3t3d2y8.afcdn.net/images/close-icon.svg | 185.76.9.22 | 200 OK | 265 B |
URL GET HTTP/2s3t3d2y8.afcdn.net/images/close-icon.svg IP185.76.9.22:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectafcdn.net FingerprintCE:9F:A3:7C:BF:E1:80:9C:11:75:38:23:E8:D2:50:1A:E4:48:37:77 ValidityTue, 27 Feb 2024 16:27:12 GMT - Mon, 27 May 2024 16:27:11 GMT
File typeSVG Scalable Vector Graphics image Hash0e1e3b1614a46466d9535037923e7c34 f8d10a742cd0197a10a041cf447d0dbd3371d07c f66b1cc574e4967cf5417ef445ac663aa9a2ec3cf1c0d23eb1b4c59808237ee0
GET /images/close-icon.svg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:16 GMT
content-type: image/svg+xml
last-modified: Tue, 18 Oct 2022 10:37:29 GMT
etag: W/"634e81e9-109"
expires: Wed, 25 Oct 2023 02:23:43 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBuUwJFAH3h0eLAQ
x-77-nzt-ray: af5856304009f77f0c182b66cf618528
x-accel-expires: @1719731205
x-accel-date: 1688195205
x-cache: HIT
x-age: 25905031
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 25905031
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.xadsmart.com/PDgMwm/xJSLite.min.js | 185.76.9.15 | 200 OK | 37 kB |
URL GET HTTP/2www.xadsmart.com/PDgMwm/xJSLite.min.js IP185.76.9.15:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subject1376341044.rsc.cdn77.org Fingerprint9E:BC:DC:BC:06:2C:01:7D:11:A9:9F:DB:DC:7A:40:7B:9F:8F:B5:F8 ValidityTue, 20 Feb 2024 02:39:34 GMT - Mon, 20 May 2024 02:39:33 GMT
File typeJavaScript source, ASCII text, with very long lines (1568) Hashd7dbed577604f50549a63b03bfa18401 1b5458668c7aecbee06b22b21ff6be9a96794393 8a336c5e8047e5d1ec3ace133f6312b27670d7b3d8f30d32b7a611f0a7714860
GET /PDgMwm/xJSLite.min.js HTTP/1.1
Host: www.xadsmart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:13 GMT
content-type: application/x-javascript
vary: Accept-Encoding, Origin
popads-node: wb9
expires: Sat, 27 Apr 2024 00:15:03 GMT
access-control-allow-origin: https://www.amdahost.com
link: <https://xadsmart.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EwwBuUwJDQH3WQ4IAAwBuUwKDAH3mAAAAAwBJRPCLgH3EQAAAA
x-77-nzt-ray: c0a4cc28eaf9cee809182b66e85efa06
x-accel-expires: @1714176903
x-accel-date: 1713572272
x-77-cache: HIT
x-77-age: 527961
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 527961
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/media/favicon-16x16.png | 104.21.40.89 | 200 OK | 936 B |
URL GET HTTP/3www.amdahost.com/media/favicon-16x16.png IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashac0cd4d64276fa91e68993406abcd43d c9af1132645f2bccfb9295a4e45cc95e8e78b7b6 bf852eabb9e0bbeb89b360a2dc4ccc1b86f2ffea3dfa78f0c2bb8747be598382
GET /media/favicon-16x16.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=eb103ff7c8
Cookie: PHPSESSID=94cc601ca0cafa3561495da4f9b4bbbc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:57:13 GMT
content-type: image/png
content-length: 936
last-modified: Sun, 17 Mar 2024 20:29:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2616
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rga%2BN4R%2Fb1oUoyfjfbkv62fPfEOJejXK4yVTKQlgXkQJZi%2BeG3nS%2Bv7PYWyyz8KzlSAg9Dc417oQUK1b03P88G%2FndKIYdnkZ36ikXeMXOW926jzpJcuxuGAOw752PR5qv6sd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a34dddea3cb4eb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Comic+Neue&display=swap | 142.250.74.106 | 200 OK | 420 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Comic+Neue&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeASCII text, with very long lines (429), with no line terminators Hash75f97bdeb174d8b64c2078ceff6726a3 beb63d63eb0398c4e6f15b6f2ad83c9fd7ef272d 0dd00245b771e2aada55e76fe50ee64c186e9413f70b1fc54da284a2cab024c6
GET /css2?family=Comic+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 02:57:12 GMT
date: Fri, 26 Apr 2024 02:57:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| c.adsco.re/ | 104.17.166.186 | 200 OK | 82 kB |
IP104.17.166.186:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (689) Hasha0b475c65fed312aba8d7c43a0cbc928 3fdd052b41c37318e44084be4f92d42fba4ded61 2dfb2101b24f80be00b1baecce7eec815e61a13381f6983051b6261b8035468a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:57:15 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Mon, 27 May 2024 02:57:14 GMT
etag: W/"oLR1xl/tMSq6jXxDoMvJKA=="
cf-cache-status: HIT
age: 633677
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a34de4bd5ab50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 | 104.16.79.73 | 200 OK | 19 kB |
URL GET HTTP/2static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 IP104.16.79.73:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectcloudflareinsights.com Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00 ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT
File typeJavaScript source, ASCII text, with very long lines (19261), with no line terminators Hash3be93fd15d2f7dee2fc0c8981c6fa5c6 8cd88c36fad3e96641dbc4d781f5ddbe5123312f 17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee
GET /beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:12 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.0"
last-modified: Tue, 23 Apr 2024 12:12:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a34dd379bf56c5-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 116f21a281.7fbe2fd8a8.com/in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Deb103ff7c8&refdom=www.amdahost.com&auction_time=1714100242&subid=1511354673&sid=1874665131&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-26&iabcat=IAB25-3&keywords=adult&user_fp=4401471644825250461&score=53.118653920107754&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Deb103ff7c8%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Deb103ff7c8%26idzone%3D0%26sid%3D1886&icons=LOdVt_hQoBUlvXnBUfEBDTNsZiW77JGi3CKZuk28AFnhnWYNuYu1ouBwzgjVZSkciqInddIK6UILkw_wPdYvSmWDzO1-Hp8O1qmIwO-YhC2UYS-DTAQ6O_EDtYBmwwwa5KC6PzwyBa-0QFWPTvivbzUgCzGRQofvupVJDlTnPm2qCKeEpQ&ext_cid=0&px_id=529500&min_cpm=0.0034727876695169104&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=8371771557570143021&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.0006745253930573598&cpm=0&verify_hash=ba50a1c86cfdc08f49d97f731ee6b36a&is_native=4&real_bid=0.00019721275066761438&original_bid_usd=0.001015348&original_bid=0.001015348&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,27,20,108,0&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.001015348&hostname=auc-inpage-hz-11-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000010153479999999999&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.15&cpa=1884d5cb-306a-46e0-9f4a-292caa013c39&prev_step_diff=812 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/2116f21a281.7fbe2fd8a8.com/in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Deb103ff7c8&refdom=www.amdahost.com&auction_time=1714100242&subid=1511354673&sid=1874665131&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-26&iabcat=IAB25-3&keywords=adult&user_fp=4401471644825250461&score=53.118653920107754&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Deb103ff7c8%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Deb103ff7c8%26idzone%3D0%26sid%3D1886&icons=LOdVt_hQoBUlvXnBUfEBDTNsZiW77JGi3CKZuk28AFnhnWYNuYu1ouBwzgjVZSkciqInddIK6UILkw_wPdYvSmWDzO1-Hp8O1qmIwO-YhC2UYS-DTAQ6O_EDtYBmwwwa5KC6PzwyBa-0QFWPTvivbzUgCzGRQofvupVJDlTnPm2qCKeEpQ&ext_cid=0&px_id=529500&min_cpm=0.0034727876695169104&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=8371771557570143021&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.0006745253930573598&cpm=0&verify_hash=ba50a1c86cfdc08f49d97f731ee6b36a&is_native=4&real_bid=0.00019721275066761438&original_bid_usd=0.001015348&original_bid=0.001015348&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,27,20,108,0&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.001015348&hostname=auc-inpage-hz-11-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000010153479999999999&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.15&cpa=1884d5cb-306a-46e0-9f4a-292caa013c39&prev_step_diff=812 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subject7fbe2fd8a8.com FingerprintD4:8A:8B:7A:EF:BA:99:9B:9C:3A:45:2E:A7:88:D0:9D:CD:84:97:E8 ValidityTue, 23 Apr 2024 03:53:21 GMT - Mon, 22 Jul 2024 03:53:20 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Deb103ff7c8&refdom=www.amdahost.com&auction_time=1714100242&subid=1511354673&sid=1874665131&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-26&iabcat=IAB25-3&keywords=adult&user_fp=4401471644825250461&score=53.118653920107754&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Deb103ff7c8%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Deb103ff7c8%26idzone%3D0%26sid%3D1886&icons=LOdVt_hQoBUlvXnBUfEBDTNsZiW77JGi3CKZuk28AFnhnWYNuYu1ouBwzgjVZSkciqInddIK6UILkw_wPdYvSmWDzO1-Hp8O1qmIwO-YhC2UYS-DTAQ6O_EDtYBmwwwa5KC6PzwyBa-0QFWPTvivbzUgCzGRQofvupVJDlTnPm2qCKeEpQ&ext_cid=0&px_id=529500&min_cpm=0.0034727876695169104&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=8371771557570143021&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.0006745253930573598&cpm=0&verify_hash=ba50a1c86cfdc08f49d97f731ee6b36a&is_native=4&real_bid=0.00019721275066761438&original_bid_usd=0.001015348&original_bid=0.001015348&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,27,20,108,0&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.001015348&hostname=auc-inpage-hz-11-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000010153479999999999&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.15&cpa=1884d5cb-306a-46e0-9f4a-292caa013c39&prev_step_diff=812 HTTP/1.1
Host: 116f21a281.7fbe2fd8a8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Fri, 26 Apr 2024 02:57:22 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| cf9c86d5de.f33207dc6c.com/1e6048537fd0bf07420ace8536306a3b/161855?version_name=d | 45.133.44.52 | 200 OK | 2.4 kB |
URL GET HTTP/2cf9c86d5de.f33207dc6c.com/1e6048537fd0bf07420ace8536306a3b/161855?version_name=d IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectcf9c86d5de.f33207dc6c.com Fingerprint07:43:06:4D:DB:B9:3C:31:4D:0B:61:89:FB:65:A1:AA:78:A1:36:FD ValidityTue, 23 Apr 2024 02:30:49 GMT - Mon, 22 Jul 2024 02:30:48 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2744), with no line terminators Hash57ed9e8789c799ac1c0cb88a331fc507 9499433765f97a3c779b7bd8bb0c6d61001bbe70 23725421b5fecd31ac898b0c3b41b8d7dfef35d750da060be73c3d6350b3e5ca
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /1e6048537fd0bf07420ace8536306a3b/161855?version_name=d HTTP/1.1
Host: cf9c86d5de.f33207dc6c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:13 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
expires: Fri, 26 Apr 2024 03:02:13 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/includes/update_visits.php | 104.21.40.89 | 200 OK | 0 B |
URL POST HTTP/3www.amdahost.com/includes/update_visits.php IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /includes/update_visits.php HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 53
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=eb103ff7c8
Cookie: PHPSESSID=94cc601ca0cafa3561495da4f9b4bbbc; cf_clearance=mK0IWymUVo6tMqyx59xIi8QrmJAbC4.eU2GY6GMCuUA-1714100233-1.0.1.1-1TjkPMuLu0eqNAjqCs08TC.P4ayrkpdzenIrSL7saw_2V1aIQtx9FLOdfG.c9THLDnL4QfoIrD5dt8Z59775bA; a=0lTsh8b2bP7w3WT4f0RCRpUJ8mh7XxWD; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BQLyAAAAAAAACZUAAh3wz0S8gxv3dT_56qYHjat5SeSpYytPbgTTIH8N4YRNeYzP9A71asapcma3M0gjjYMMfYAwALQAyOqI6RCf9rBUi6XO6VOEzm9DUXfpUUYTv4S2-42FI7dpAR5UfQTHuKora_r2Rto943RN_Zkzn-VyHBNya6gpizI_xm1-oq3rG4LJxbjO_Cc99iB1QG7AOSMQEy5x3OkYsArrJ9ImqpaEG2hfT1bPnGYsdGnIFRwS1_5H5ykGQv01_Y3CSPS8ITquqSFoFPsLSgd38bq2kPT2BqfoLqBHUsQDEW9Y6FhcpvSXscN7nwsEUKDvEXyumAmIn7eeUT6oCCJl76JzhVK0CQi_-KBYE0u68-Pi-pTnDWzpNcaIBDn6IyJ-dmKA_cf51MiskMzQsfHjmqwv395L4MgJOei4JYAkD7gBLFaDMC2VL04xk2SfDM9T1tu9lQJnbPZjfyvU67BWAwSUodIrwB7VrTPAGeAdNT32VD3wRcrPMCRQGdjR3Oh-4yOokJp4Rkm3slqk3W4iaJvoetNxO9MfxohQu0GarnPIN381Ucii7kFClAHgHJrD6oM3VGL8asByd5HN9arQTgQo2swPY_c_BFbfrthDu6eaNYIJaOo89EWK34smFu9exJPb86KDi_RLE5oRMdkAB5SN5Ao234G7ENZkz1EtWX6EgWMM9EhNHYt6xVr6iZmBOp7ZD7izu8a9mi47g-sq0UD9JoNu9EE1V8DOUQWY9UNnR-3BSC7aTj-ktCBpS-SZATy8cH8yiG26tnTQ1BrH6twLXwtLLEvNg7eNqTD6h5vTmC4Z6fZj2oIkGbfnz7P5w8tkLIuac0Kg2d4yEqzlwv7NmKQxPwrICpaCDphAcDgUZ9nktU2TBKGpLf0P7G0b5oUKgMmARao7Y7j09RBiAPMxU5k_7LxWZCjjCceBM_MrmWWp7Budgw91jA9H6RzIjSnCQZj6kzNAAn_xRPCEcE1AHM0-oC2E5OibUMBkNVEYul-9; zone-cap-5263454=1; _popprepop=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:57:29 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Pzzig1aCJMNIfcw5xW%2Bw%2BHwzeRwNCST4jFTJQNklRToFqICApjL%2Bj9vHOdStH%2BhSgEWvphINJY%2Fi2TqKMhwxxOZewRMRw%2BMCi89VRAHdVGyhWBAnMTQsX9YvBVKD%2Ftgps3n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a34e3bea4ab4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cf9c86d5de.f33207dc6c.com/c37eb03648abae911c8ba86cf51fd9e6.js | 45.133.44.52 | 200 OK | 169 kB |
URL GET HTTP/2cf9c86d5de.f33207dc6c.com/c37eb03648abae911c8ba86cf51fd9e6.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectcf9c86d5de.f33207dc6c.com Fingerprint07:43:06:4D:DB:B9:3C:31:4D:0B:61:89:FB:65:A1:AA:78:A1:36:FD ValidityTue, 23 Apr 2024 02:30:49 GMT - Mon, 22 Jul 2024 02:30:48 GMT
Size169 kB (168568 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /c37eb03648abae911c8ba86cf51fd9e6.js HTTP/1.1
Host: cf9c86d5de.f33207dc6c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:16 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 25 Apr 2024 13:18:02 GMT
etag: W/"662a580a-29278"
content-encoding: gzip
expires: Fri, 26 Apr 2024 03:02:16 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| cf9c86d5de.f33207dc6c.com/526afdf9b717924176eabd0c81f90a31.js | 45.133.44.52 | 200 OK | 109 kB |
URL GET HTTP/2cf9c86d5de.f33207dc6c.com/526afdf9b717924176eabd0c81f90a31.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectcf9c86d5de.f33207dc6c.com Fingerprint07:43:06:4D:DB:B9:3C:31:4D:0B:61:89:FB:65:A1:AA:78:A1:36:FD ValidityTue, 23 Apr 2024 02:30:49 GMT - Mon, 22 Jul 2024 02:30:48 GMT
Size109 kB (109340 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /526afdf9b717924176eabd0c81f90a31.js HTTP/1.1
Host: cf9c86d5de.f33207dc6c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:13 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 23 Apr 2024 09:45:19 GMT
etag: W/"6627832f-1ab1c"
content-encoding: gzip
expires: Fri, 26 Apr 2024 03:02:13 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| ku42hjr2e.com/get/2020088?zoneid=2020088&jp=_cl8cnhunwtbxkwd23u3tdp&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208560016727040&eclog=0&im=1&uf=0 | 212.117.190.201 | 200 OK | 2.9 kB |
URL GET HTTP/2ku42hjr2e.com/get/2020088?zoneid=2020088&jp=_cl8cnhunwtbxkwd23u3tdp&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208560016727040&eclog=0&im=1&uf=0 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerBuypass AS-983163327 Subject Fingerprint15:EC:3A:52:11:EC:ED:35:8E:60:38:E6:CC:79:A7:3E:A3:5B:B6:62 ValidityTue, 09 Jan 2024 12:43:23 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeASCII text, with very long lines (3259), with no line terminators Hash29ff6cbc2df5ce3ad9569b46b67ce959 1c143dc99a952c6d6a1883954cb0065ab56ce0f5 55db77137306aad423a9cadd419169906cc89836d8a2bb6457d40457d93f35fa
GET /get/2020088?zoneid=2020088&jp=_cl8cnhunwtbxkwd23u3tdp&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208560016727040&eclog=0&im=1&uf=0 HTTP/1.1
Host: ku42hjr2e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:57:13 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Fri, 30 May 2025 02:57:13 GMT; Secure; SameSite=None
UID=2404252157c51806cf39c4426abb22b4fdef; Path=/; Expires=Fri, 30 May 2025 02:57:13 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| 12ezo5v60.com/get/2020090?zoneid=2020090&jp=_cl7wk4m8nwgprwxtush41c&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1801185133193216&eclog=0&im=1&freq=0&uf=0 | 212.117.190.202 | 200 OK | 14 kB |
URL GET HTTP/212ezo5v60.com/get/2020090?zoneid=2020090&jp=_cl7wk4m8nwgprwxtush41c&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1801185133193216&eclog=0&im=1&freq=0&uf=0 IP212.117.190.202:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerBuypass AS-983163327 Subject FingerprintDB:57:32:8B:71:3B:E2:BC:8C:B1:94:D1:8A:25:4E:EE:A7:BA:C5:59 ValidityTue, 09 Jan 2024 13:35:13 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeASCII text, with very long lines (13931), with no line terminators Hash66d2fc2c228f076799398159d4517ef1 61e324fa863475b29dcd60c8a1cf7d374c9f6858 862b16b31192206a6475a4657073f47d9f180e82293b1972bf313a54d7b24a6c
GET /get/2020090?zoneid=2020090&jp=_cl7wk4m8nwgprwxtush41c&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1801185133193216&eclog=0&im=1&freq=0&uf=0 HTTP/1.1
Host: 12ezo5v60.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:57:13 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Fri, 30 May 2025 02:57:13 GMT; Secure; SameSite=None
UID=2404252157893a093a80dd4113a745c0d080; Path=/; Expires=Fri, 30 May 2025 02:57:13 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| s.pemsrv.com/venor.php | 95.211.229.245 | 200 OK | 1 B |
IP95.211.229.245:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectpemsrv.com FingerprintB9:FB:69:72:AD:12:6D:F5:F8:05:0B:EE:45:B6:E0:BD:1A:B2:E5:0F ValidityTue, 27 Feb 2024 16:50:21 GMT - Mon, 27 May 2024 16:50:20 GMT
File typevery short file (no magic) Hashcfcd208495d565ef66e7dff9f98764da b6589fc6ab0dc82cf12099d1c2d40ab994e8410c 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
GET /venor.php HTTP/1.1
Host: s.pemsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 02:57:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| cf9c86d5de.f33207dc6c.com/0d1d1d0ae3f06d802747776c90722fd4.js | 45.133.44.52 | 200 OK | 470 kB |
URL GET HTTP/2cf9c86d5de.f33207dc6c.com/0d1d1d0ae3f06d802747776c90722fd4.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectcf9c86d5de.f33207dc6c.com Fingerprint07:43:06:4D:DB:B9:3C:31:4D:0B:61:89:FB:65:A1:AA:78:A1:36:FD ValidityTue, 23 Apr 2024 02:30:49 GMT - Mon, 22 Jul 2024 02:30:48 GMT
Size470 kB (470121 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /0d1d1d0ae3f06d802747776c90722fd4.js HTTP/1.1
Host: cf9c86d5de.f33207dc6c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:21 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 12:49:54 GMT
etag: W/"661e73f2-72c69"
content-encoding: gzip
expires: Fri, 26 Apr 2024 03:02:21 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Bungee+Spice&display=swap | 142.250.74.106 | 200 OK | 1.3 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Bungee+Spice&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeASCII text, with very long lines (1310), with no line terminators Hash6ed7e36a675f79912a60041296e6712c 90726391e4efdc836774a463094dbce3f980c761 59214048cf850c5c635c4bd6669db6222a200dd806e8ec2b2e8f504fa0b9393d
GET /css2?family=Bungee+Spice&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 02:57:12 GMT
date: Fri, 26 Apr 2024 02:57:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| c.adsco.re/ | 0.0.0.0 | | 0 B |
IP0.0.0.0:0
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:13 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Mon, 27 May 2024 02:57:13 GMT
etag: W/"oLR1xl/tMSq6jXxDoMvJKA=="
cf-cache-status: HIT
age: 633676
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a34dde6af456b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.tailwindcss.com/ | 104.22.21.144 | 302 Found | 366 kB |
IP104.22.21.144:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerCloudflare, Inc. Subjecttailwindcss.com Fingerprint5F:87:FB:92:D4:93:DA:09:E3:5B:EF:92:CE:2F:47:18:3A:8A:C7:49 ValidityTue, 07 Nov 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT
Size366 kB (365681 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 26 Apr 2024 02:57:12 GMT
cache-control: max-age=14400
location: /3.4.3
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::6sbwh-1714099602421-a6756e5e5643
cf-cache-status: HIT
age: 234
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a34dd2ed69b511-OSL
X-Firefox-Spdy: h2
|
|
| js.capndr.com/advertising.js | 45.133.44.52 | 200 OK | 0 B |
URL GET HTTP/2js.capndr.com/advertising.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectjs.capndr.com Fingerprint0D:30:A1:FB:7E:A0:EC:89:85:17:27:67:37:21:DA:E0:CB:E3:26:06 ValiditySun, 21 Apr 2024 03:00:41 GMT - Sat, 20 Jul 2024 03:00:40 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Fri, 26 Apr 2024 03:02:13 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.tailwindcss.com/3.4.3 | 104.22.21.144 | 200 OK | 366 kB |
URL GET HTTP/2cdn.tailwindcss.com/3.4.3 IP104.22.21.144:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerCloudflare, Inc. Subjecttailwindcss.com Fingerprint5F:87:FB:92:D4:93:DA:09:E3:5B:EF:92:CE:2F:47:18:3A:8A:C7:49 ValidityTue, 07 Nov 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (52292) Size366 kB (365681 bytes) Hash4bdcdace639cc6c0f08a15c295482172 6fa7ad6e87d8b19bff7e2bd0becf87d87d57be31 d2c35bf03246b0634bb22cbdc74962c8368e5e13b656e7f3cc10029da79d2e5c
GET /3.4.3 HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:12 GMT
content-type: text/javascript
cache-control: max-age=31536000
content-encoding: br
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::rn74h-1711569125689-ef02b3caf33b
last-modified: Wed, 27 Mar 2024 19:52:06 GMT
cf-cache-status: HIT
age: 2530837
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a34dd35d96b511-OSL
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Archivo+Black&display=swap | 142.250.74.106 | 200 OK | 819 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Archivo+Black&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeASCII text, with very long lines (837), with no line terminators Hashfa0b91b21b81c25b4d2bb89c6d9d84fb 1788d71d75cf429352999edca5573800814aba3f 5385a711b1675e90eb76b002d80f1c53e71449889caf26b5ee6ec34f3df23fa7
GET /css2?family=Archivo+Black&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 02:57:12 GMT
date: Fri, 26 Apr 2024 02:57:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg | 185.76.9.25 | 200 OK | 19 kB |
URL GET HTTP/2cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg IP185.76.9.25:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectfluidplayer.com FingerprintCD:21:BA:85:8A:CA:A4:37:0F:0A:BD:F7:50:25:DA:75:9E:D3:FB:76 ValidityMon, 26 Feb 2024 13:51:53 GMT - Sun, 26 May 2024 13:51:52 GMT
File typeSVG Scalable Vector Graphics image Hash805524b1fa0e091076d7afbf68e31133 ab696de0e85a7ce728cbe9b4131f5f4d528fb788 ad0276c58ec6a9875a2e1d39d972950763aac2e8f6262638d5868402ae2466fd
GET /v3/current/6aef4fee473c54e96ff8.svg HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:13 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:12 GMT
etag: W/"65fc34c0-4880"
expires: Fri, 22 Mar 2024 21:45:09 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3AUkAAAwBuUwKDAH3AAAAAAwBisclxAGzgVEBAA
x-77-nzt-ray: af585630c6fd485c09182b661dba9101
x-accel-expires: @1714167944
x-accel-date: 1714081544
x-77-cache: HIT
x-77-age: 18689
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 18689
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| show.revopush.com/api/v1/inpage/show/?uid=180170&subacc=1222898310&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult | 138.201.81.123 | 200 OK | 728 B |
URL GET HTTP/2show.revopush.com/api/v1/inpage/show/?uid=180170&subacc=1222898310&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult IP138.201.81.123:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoDaddy.com, Inc. Subjectshow.revopush.com Fingerprint14:6E:2A:BA:82:13:C7:FC:12:52:18:54:8C:98:74:9E:31:18:6B:94 ValidityFri, 22 Mar 2024 16:58:42 GMT - Sat, 22 Mar 2025 16:58:42 GMT
File typeUnicode text, UTF-8 text, with very long lines (742), with no line terminators Hashfebafb7f9c8a214827f362bcee1e357e 5425a8d1e3b73d70d21cafb6e26b1b2870ec8384 f5b9afc06b9b9871ff7d06dc0978256f79b592748441f42dc4a28c8add80ddfc
GET /api/v1/inpage/show/?uid=180170&subacc=1222898310&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1
Host: show.revopush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:57:13 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
access-control-allow-origin: https://www.amdahost.com
vary: Origin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ku42hjr2e.com/aas/r45d/vki/2020088/3f23ef09.js | 212.117.190.201 | 200 OK | 106 kB |
URL GET HTTP/2ku42hjr2e.com/aas/r45d/vki/2020088/3f23ef09.js IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerBuypass AS-983163327 Subject Fingerprint15:EC:3A:52:11:EC:ED:35:8E:60:38:E6:CC:79:A7:3E:A3:5B:B6:62 ValidityTue, 09 Jan 2024 12:43:23 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeJavaScript source, ASCII text, with very long lines (65106) Size106 kB (106460 bytes) Hash282e4211c6aa475b438a8af84a2d5f2a 236912a2a74165b3864a118f55461948e6a25e13 51a486924bfae60d6f89619eda1ea7ee9313d1d74039b03f98dc03536b0469fb
GET /aas/r45d/vki/2020088/3f23ef09.js HTTP/1.1
Host: ku42hjr2e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:57:12 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-1a022"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap | 142.250.74.106 | 200 OK | 789 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeASCII text, with very long lines (807), with no line terminators Hash6f717af0e726a10479b7e8bed93e5142 a115121febff939512aba08376c87856e8eb7d81 3f2d568b6fb6321a2e59f992275a60a22c904f5e8d84b7c6e43b1bb702ae86db
GET /css2?family=Poppins:wght@600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 02:57:12 GMT
date: Fri, 26 Apr 2024 02:57:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| a.pemsrv.com/popunder1000.js | 185.76.9.24 | 200 OK | 100 kB |
URL GET HTTP/2a.pemsrv.com/popunder1000.js IP185.76.9.24:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectpemsrv.com FingerprintB9:FB:69:72:AD:12:6D:F5:F8:05:0B:EE:45:B6:E0:BD:1A:B2:E5:0F ValidityTue, 27 Feb 2024 16:50:21 GMT - Mon, 27 May 2024 16:50:20 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder1000.js HTTP/1.1
Host: a.pemsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:13 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"d9d3b543c03e218b51fa2081f01"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Wed, 24 Apr 2024 18:06:12 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3AigAAAwBuUwKEwH3EAAAAAwBJRPCNAH3BAAAAA
x-77-nzt-ray: af5856309c1b2b6509182b663364ff10
x-accel-expires: @1714100791
x-accel-date: 1714089991
x-77-cache: HIT
x-77-age: 10242
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 10242
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/videos/1714007853_211e2fd5c712dc31.mp4 | 104.21.40.89 | 206 Partial Content | 12 MB |
URL GET HTTP/3www.amdahost.com/videos/1714007853_211e2fd5c712dc31.mp4 IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Size12 MB (11785652 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /videos/1714007853_211e2fd5c712dc31.mp4 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=903905280-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=eb103ff7c8
Cookie: PHPSESSID=94cc601ca0cafa3561495da4f9b4bbbc
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 206 Partial Content
date: Fri, 26 Apr 2024 02:57:14 GMT
content-type: video/mp4
content-length: 11785652
last-modified: Thu, 25 Apr 2024 01:41:37 GMT
content-range: bytes 903905280-915690931/915690932
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MrWmoOzGEbD23O3HGJzlTFaZCZc31sd4fl9aJZs3maOS68aLL3wwtjFu28ZDRr9aTTQ2bsRbXHb41RJifEBl2%2FNoZBpzUCrEQOUwik1AliZvu33EQEhY0Hz%2BfROFvbXnu6As"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a34ddcd9dbb4eb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| s.magsrv.com/v1/api.php | 95.211.229.245 | 200 OK | 5.2 kB |
IP95.211.229.245:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (5492), with no line terminators Hash7caae583fad1b2a9102ce6e1fa0ca1e1 a5e3e6498f265bc8055ce550fb3a815696dd498c 96403ffd21e119e4e31a0b9cab60e9b9ed065a42c671a8c0860421d8446f28fe
POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 364
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 02:57:13 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22662b18096208f3.01225959317901101%22%3B%7D; expires=Sun, 26-Apr-2026 02:57:13 GMT; Max-Age=63072000; path=/; domain=magsrv.com; secure; SameSite=None
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| cf9c86d5de.f33207dc6c.com/1db907bfe28934810665eeb126926cf9.js | 45.133.44.52 | 200 OK | 97 kB |
URL GET HTTP/2cf9c86d5de.f33207dc6c.com/1db907bfe28934810665eeb126926cf9.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerLet's Encrypt Subjectcf9c86d5de.f33207dc6c.com Fingerprint07:43:06:4D:DB:B9:3C:31:4D:0B:61:89:FB:65:A1:AA:78:A1:36:FD ValidityTue, 23 Apr 2024 02:30:49 GMT - Mon, 22 Jul 2024 02:30:48 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /1db907bfe28934810665eeb126926cf9.js HTTP/1.1
Host: cf9c86d5de.f33207dc6c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:57:16 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 14:24:01 GMT
etag: W/"661e8a01-17ae8"
content-encoding: gzip
expires: Fri, 26 Apr 2024 03:02:16 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/videos/1714007853_211e2fd5c712dc31.mp4 | 104.21.40.89 | 206 Partial Content | 96 kB |
URL GET HTTP/3www.amdahost.com/videos/1714007853_211e2fd5c712dc31.mp4 IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch.php?id=eb103ff7c8 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Hash3bb89009a5b4495f4798d28feba1bf7e d9965ec5eec860aa985474cc431ca638f5be02e1 f5963f24331c6d474783525e333a160b5cb39a96adf5c0fbec543691f38baebd
GET /videos/1714007853_211e2fd5c712dc31.mp4 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=eb103ff7c8
Cookie: PHPSESSID=94cc601ca0cafa3561495da4f9b4bbbc
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 206 Partial Content
date: Fri, 26 Apr 2024 02:57:13 GMT
content-type: video/mp4
content-length: 915690932
last-modified: Thu, 25 Apr 2024 01:41:37 GMT
content-range: bytes 0-915690931/915690932
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sH%2BrU8X8hBIwtacCcm4eCQ9JIBMsEK24Q3dLBc3C%2FxgK2EJEsWt%2F4RLkPHqzWkNt3Bmm0kd5w4xz2qtmJufSkr4lFG2SiJsr99eRUeo8HgmP8b6vvGomD%2FF4HyXP0UP5m6CV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a34dd9682eb4eb-OSL
alt-svc: h3=":443"; ma=86400
|
|