| www.amdahost.com/thumbnails/1714450060_49ed01d670d03666.jpg | 172.67.183.69 | 200 OK | 38 kB |
URL GET HTTP/3www.amdahost.com/thumbnails/1714450060_49ed01d670d03666.jpg IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 50", baseline, precision 8, 960x540, components 3 Hasha5ba6c01f1b97ef900d9d2687581e0ba 76796bd10a4cdf18c6a6fd46bbd35face430200e fce1ce350e63a16b223b154b816833f25aeae412287cbeca82dccac06d4492ab
GET /thumbnails/1714450060_49ed01d670d03666.jpg HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=a336b4df9f
Cookie: PHPSESSID=23d96268c344b423e82ca3859fc6e816
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:58:50 GMT
content-type: image/jpeg
content-length: 38017
cache-control: public, max-age=604800
expires: Mon, 13 May 2024 21:07:39 GMT
etag: "9481-66306e8c-8c1665;;;"
last-modified: Tue, 30 Apr 2024 04:07:40 GMT
cf-cache-status: HIT
age: 89471
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iwOXdTGoCm19mAFZVoZZSaZNCYTuj%2F5c2OGzR4H%2BcvNvS%2FfgroNt9NZgTH9zk20tjrdnNeadXajGg4vk4DkgEWGgvEZSbqNt0Krw5%2BuEIWkRb0oDSwpojLexgRvu2sZ6Kjyt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880479432938b52d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.jsdelivr.net/npm/remixicon@4.0.0/fonts/remixicon.css | 151.101.129.229 | 200 OK | 17 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/remixicon@4.0.0/fonts/remixicon.css IP151.101.129.229:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hash373c68d52e3daa5cd7e1ae058fb6bd70 30a01afb8338555278162655e4a8e7ac57774f35 f53b0f6c14c09b5c263713876dfe7185531a3a424a91d192dfee3c5fa03493dd
GET /npm/remixicon@4.0.0/fonts/remixicon.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.0.0
x-jsd-version-type: version
etag: W/"200b1-MKAa+4M4VVJ4FiZV5KjnrFd3TzU"
content-encoding: br
accept-ranges: bytes
date: Tue, 07 May 2024 21:58:50 GMT
age: 5251420
x-served-by: cache-fra-etou8220109-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16743
X-Firefox-Spdy: h2
|
|
| vjs.zencdn.net/8.10.0/video-js.css | 151.101.130.217 | 200 OK | 13 kB |
URL GET HTTP/2vjs.zencdn.net/8.10.0/video-js.css IP151.101.130.217:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGlobalSign nv-sa Subjectvjs.zencdn.net Fingerprint6B:3F:11:07:D7:05:FD:AF:4D:46:B4:BA:1C:8A:60:70:95:37:35:17 ValidityWed, 06 Mar 2024 21:50:11 GMT - Mon, 07 Apr 2025 21:50:10 GMT
File typeASCII text, with very long lines (7288) Hash27818e70d5704691d9264fe0083c5b08 b4dffd90528e8f63d54ad3a859b749344e6e00ad 92e11fbc7753b5be23fd489ba4e09c0d62d0b8c64e466845b4534934c46c85d6
GET /8.10.0/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 17 Jan 2024 12:53:07 GMT
etag: "27818e70d5704691d9264fe0083c5b08"
x-amz-server-side-encryption: AES256
content-type: text/css
content-encoding: gzip
date: Tue, 07 May 2024 21:58:50 GMT
x-served-by: cache-hel1410031-HEL
x-cache: HIT
x-cache-hits: 9
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 12695
X-Firefox-Spdy: h2
|
|
| 32879.2481april2024.com/4/js/233169 | 88.208.22.4 | 200 OK | 6.6 kB |
URL GET HTTP/232879.2481april2024.com/4/js/233169 IP88.208.22.4:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subject*.2481april2024.com FingerprintFC:0B:87:DF:4F:43:9B:81:FD:04:D2:4C:5C:79:77:1B:C6:BB:F4:49 ValidityTue, 02 Apr 2024 14:41:38 GMT - Mon, 01 Jul 2024 14:41:37 GMT
File typeJavaScript source, ASCII text, with very long lines (16647), with no line terminators Hashe3ada234eb7b665867856d381de2cbd9 d4d6a570ba7c45afc58e7cbd4b1e6a08ce371d9a 80c30a7584f57c9acf64de1b96e7e307495e1375721b435189a51eb8ade75b01
GET /4/js/233169 HTTP/1.1
Host: 32879.2481april2024.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:58:50 GMT
content-type: application/javascript; charset=UTF-8
content-length: 6574
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
X-Firefox-Spdy: h2
|
|
| cdn.tailwindcss.com/3.4.3 | 172.67.41.16 | 200 OK | 114 kB |
URL GET HTTP/2cdn.tailwindcss.com/3.4.3 IP172.67.41.16:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerCloudflare, Inc. Subjecttailwindcss.com Fingerprint5F:87:FB:92:D4:93:DA:09:E3:5B:EF:92:CE:2F:47:18:3A:8A:C7:49 ValidityTue, 07 Nov 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (52292) Size114 kB (113634 bytes) Hash4bdcdace639cc6c0f08a15c295482172 6fa7ad6e87d8b19bff7e2bd0becf87d87d57be31 d2c35bf03246b0634bb22cbdc74962c8368e5e13b656e7f3cc10029da79d2e5c
GET /3.4.3 HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:50 GMT
content-type: text/javascript
cache-control: max-age=31536000
content-encoding: br
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::rn74h-1711569125689-ef02b3caf33b
last-modified: Wed, 27 Mar 2024 19:52:06 GMT
cf-cache-status: HIT
age: 611218
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804794398005695-OSL
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js | 142.250.74.170 | 200 OK | 30 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js IP142.250.74.170:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30462
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:53:27 GMT
expires: Fri, 02 May 2025 01:53:27 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 12 Sep 2023 02:38:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 504323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg | 185.76.9.24 | 200 OK | 4.6 kB |
URL GET HTTP/2cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg IP185.76.9.24:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectfluidplayer.com Fingerprint46:64:4F:F1:3B:B5:54:D2:21:6F:9B:66:05:DF:D9:AC:7D:3C:8E:D0 ValidityMon, 06 May 2024 08:37:10 GMT - Sun, 04 Aug 2024 08:37:09 GMT
File typegzip compressed data, from Unix Hashc3f6e69bd6b11a4f17690ca68a32f860 598a0a644130bae6fae0bf4373a0a14faad65119 4aaef4f0a69f950cac5592bddc4e36e5b33fd183fce754dc414920313644592f
GET /v3/current/6aef4fee473c54e96ff8.svg HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:51 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:12 GMT
etag: W/"65fc34c0-4880"
expires: Fri, 22 Mar 2024 21:45:09 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3BwMAAAwBuUwKDAH3AAAAAAwBisclxAGzgVEBAA
x-77-nzt-ray: af58563076014f8d1ba43a660c5ca300
x-accel-expires: @1715204756
x-accel-date: 1715118356
x-77-cache: HIT
x-77-age: 775
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 775
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Lobster&display=swap | 142.250.74.106 | 200 OK | 31 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Lobster&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hashd02a693f06ae8f1cd37482cbf239cd83 bef7e7da153d6846a31cb7e357692ac99b54bc50 d67d80b8ef6cffc22d8d60ffe5957ce4d97182f1272295e5ddf0fda590cbde5a
GET /css2?family=Lobster&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 21:58:50 GMT
date: Tue, 07 May 2024 21:58:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Karla&display=swap | 142.250.74.106 | 200 OK | 6.0 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Karla&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hash399fb99d1950d3f690be9e64b7ddeecf 610e656ad09f8da201940a11d20cce4413cd0569 6ae4d0fabe2c65f46b232e942719d0ca365d62e427f2b648021002a251520df5
GET /css2?family=Karla&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 21:58:50 GMT
date: Tue, 07 May 2024 21:58:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| js.mbidadm.com/static/scripts.m.js | 45.133.44.53 | 200 OK | 41 kB |
URL GET HTTP/2js.mbidadm.com/static/scripts.m.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectjs.mbidadm.com FingerprintCA:45:B3:CA:F7:B8:6E:BC:AD:15:14:54:8B:69:08:1F:93:CC:C1:80 ValidityThu, 18 Apr 2024 03:01:13 GMT - Wed, 17 Jul 2024 03:01:12 GMT
File typegzip compressed data, from Unix Hash5271474f089859c346e212ad4efd485d 218a68acda14f903e4a737b539fc2428ff7d0778 9fbf737b70aa1273daddb59f7bef1fffe874b68b0356cafc963246cbc521f9c7
GET /static/scripts.m.js HTTP/1.1
Host: js.mbidadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:51 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 07 May 2024 12:02:58 GMT
etag: W/"663a1872-1ab61"
content-encoding: gzip
expires: Tue, 07 May 2024 22:03:51 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js | 172.67.183.69 | 302 Found | 0 B |
URL GET HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=23d96268c344b423e82ca3859fc6e816
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Tue, 07 May 2024 21:58:51 GMT
content-length: 0
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
cache-control: max-age=300, public
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fe0n%2B%2FAR1vSbN%2FJHFRvXtPBSzrlXuOGe6mu%2F3%2BFm6XgIaX5lU6rfLDdygK4X4Hrg%2FWLoMipH0ycE0wnf6sBvvGOFBM0K9tj%2B9tCLEmhJPavW4hrSh94OG0eEk0iCvEk9qbiu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804794a3efcb52d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| pyknrhm5c.com/get/2025683?p=2025683&jp=_cl0vllyk0w5z6hpemcoofb&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8275176372025344&eclog=0&im=1&freq=0&uf=0 | 212.117.190.201 | 200 OK | 8.2 kB |
URL GET HTTP/2pyknrhm5c.com/get/2025683?p=2025683&jp=_cl0vllyk0w5z6hpemcoofb&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8275176372025344&eclog=0&im=1&freq=0&uf=0 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerBuypass AS-983163327 Subject Fingerprint8C:0B:00:37:E9:46:0D:D7:64:26:AF:BD:4B:AC:9D:E3:CA:27:CD:87 ValidityFri, 03 May 2024 21:32:33 GMT - Tue, 29 Oct 2024 22:59:00 GMT
File typegzip compressed data, from Unix Hash7797c92764c133711e2ca41efa80aef6 03365cc1092789896e4b8fbc608f91c031bd9de3 b81ae0b3e2df889f9958bea8eee999c53044965cb0eeca0ccb91551d4719bf2b
GET /get/2025683?p=2025683&jp=_cl0vllyk0w5z6hpemcoofb&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8275176372025344&eclog=0&im=1&freq=0&uf=0 HTTP/1.1
Host: pyknrhm5c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:58:51 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=24050716583fb8745cc7d746efa700daa7d6; Path=/; Expires=Tue, 10 Jun 2025 21:58:51 GMT; Secure; SameSite=None
CHCK=1; Path=/; Expires=Tue, 10 Jun 2025 21:58:51 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| cdn.pncloudfl.com/pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif | 104.22.58.221 | 200 OK | 143 kB |
URL GET HTTP/2cdn.pncloudfl.com/pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif IP104.22.58.221:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectcdn.pncloudfl.com Fingerprint50:5F:A0:91:53:C9:C9:E3:5D:EA:53:42:E8:5B:81:FB:DE:7B:1E:2C ValiditySun, 28 Apr 2024 04:53:51 GMT - Sat, 27 Jul 2024 04:53:50 GMT
File typeRIFF (little-endian) data, Web/P image Size143 kB (142898 bytes) Hasha3ef7f4652e064704fb9063bd2c44761 f83f6204fcc6dd4d51a6f737641961ca5a7ce1b3 ee156c275bc22e471034353c9756885a303aed35c194098a42e017d07b0d40a8
GET /pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:51 GMT
content-type: image/webp
content-length: 142898
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=367393
content-disposition: inline; filename="60e2ff94b54c66aa2f634b00630b994c2fe7936d.webp"
etag: 9fb78950119432648d8d5fb853c3eba4
expires: Thu, 09 May 2024 21:58:31 GMT
last-modified: Tue, 02 May 2023 12:11:05 GMT
vary: Accept
x-openstack-request-id: tx607d5e6bd8c04629a2dab-0064ad512f
x-proxy-cache: HIT
x-timestamp: 1683029464.37580
x-trans-id: tx607d5e6bd8c04629a2dab-0064ad512f
cf-cache-status: HIT
age: 20
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 8804794bbfdc56bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| b57dqedu4.com/get/2020088?zoneid=2020088&jp=_cled0ko2f5ih4144hwdyb7&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6023376558333952&eclog=0&im=1&uf=0 | 212.117.190.201 | 200 OK | 131 kB |
URL GET HTTP/2b57dqedu4.com/get/2020088?zoneid=2020088&jp=_cled0ko2f5ih4144hwdyb7&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6023376558333952&eclog=0&im=1&uf=0 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerBuypass AS-983163327 Subject Fingerprint17:76:24:C2:1F:79:27:A6:BF:60:AC:48:E1:7E:44:F5:FA:36:EB:6B ValidityWed, 01 May 2024 14:25:07 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typegzip compressed data, from Unix Size131 kB (130664 bytes) Hashcb803a0a49759d6162e0245f5edbb5a2 3e9e81cd927e40ae8242b762b834379bf3f4d68c 5b621f105974992898053cd8fc6b23fa944ffa99aa0e36887bae0fc785ebdf6f
GET /get/2020088?zoneid=2020088&jp=_cled0ko2f5ih4144hwdyb7&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6023376558333952&eclog=0&im=1&uf=0 HTTP/1.1
Host: b57dqedu4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:58:51 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Tue, 10 Jun 2025 21:58:51 GMT; Secure; SameSite=None
UID=24050716588ae68193f1884e0b9a0445d40f; Path=/; Expires=Tue, 10 Jun 2025 21:58:51 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| js.capndr.com/advertising.js | 45.133.44.53 | 200 OK | 0 B |
URL GET HTTP/2js.capndr.com/advertising.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectjs.capndr.com Fingerprint0D:30:A1:FB:7E:A0:EC:89:85:17:27:67:37:21:DA:E0:CB:E3:26:06 ValiditySun, 21 Apr 2024 03:00:41 GMT - Sat, 20 Jul 2024 03:00:40 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Tue, 07 May 2024 22:03:51 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/media/favicon-16x16.png | 172.67.183.69 | 200 OK | 936 B |
URL GET HTTP/3www.amdahost.com/media/favicon-16x16.png IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashac0cd4d64276fa91e68993406abcd43d c9af1132645f2bccfb9295a4e45cc95e8e78b7b6 bf852eabb9e0bbeb89b360a2dc4ccc1b86f2ffea3dfa78f0c2bb8747be598382
GET /media/favicon-16x16.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=a336b4df9f
Cookie: PHPSESSID=23d96268c344b423e82ca3859fc6e816; cf_clearance=TTIDFMGz1SyWV314.WvyzZfSEVvM0Va2UVfK.AJyRDE-1715119131-1.0.1.1-XvwRSqv6dRwRMWpDM.1YlsjRqHr2BIIr6vVa0aQTgY9AqlUtERg6JinYJeQAS7vWsHX5eV1YJxqvDUBOChpIqA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:58:51 GMT
content-type: image/png
content-length: 936
last-modified: Sun, 17 Mar 2024 20:29:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 139
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o1uDb12YgLIhSYFCXNOtuxaLGdoV41qZoKeqAplwjRBV8F02PSrs5hv8Ai4v8gyt%2B%2Bx%2FdkCXipfagm%2BtD18%2FXaSolJFT%2FdUqPfE%2FhSO26jCADMzqEz84pYMkLCfF%2BCmzDF1Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804794eea3bb52d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.tailwindcss.com/ | 172.67.41.16 | 302 Found | 42 kB |
IP172.67.41.16:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerCloudflare, Inc. Subjecttailwindcss.com Fingerprint5F:87:FB:92:D4:93:DA:09:E3:5B:EF:92:CE:2F:47:18:3A:8A:C7:49 ValidityTue, 07 Nov 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hash8378f7aafb8bbf5c6344b3518c0ea513 b98c05cd5aaa2de302377873501d9ed889368e14 0ceaccdc2daec15a0258b5b94a6ad30ac479bb9a65e106bbe7f784225a0d28fd
GET / HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 07 May 2024 21:58:50 GMT
cache-control: max-age=14400
location: /3.4.3
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::gp8jz-1715118765410-f913489df696
cf-cache-status: HIT
age: 287
vary: Accept-Encoding
server: cloudflare
cf-ray: 880479434fda5695-OSL
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=161855 | 157.90.84.242 | 204 No Content | 0 B |
URL OPTIONS HTTP/1.1fp.metricswpsh.com/fp?tag_id=161855 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=161855 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Tue, 07 May 2024 21:58:52 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.amdahost.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
|
|
| 6fbb07e2de.7aa82805b9.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI0MTY0MzE1MDMyMDIzNjk5NTAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjEiLCJ0YWdfaWQiOjE2MTg1NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjQ4LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 | 45.133.44.53 | 200 OK | 0 B |
URL GET HTTP/26fbb07e2de.7aa82805b9.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI0MTY0MzE1MDMyMDIzNjk5NTAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjEiLCJ0YWdfaWQiOjE2MTg1NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjQ4LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subject6fbb07e2de.7aa82805b9.com Fingerprint04:79:31:D9:05:83:F5:83:EF:F1:9B:85:1E:09:BF:D5:E3:ED:14:67 ValiditySat, 04 May 2024 02:50:36 GMT - Fri, 02 Aug 2024 02:50:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI0MTY0MzE1MDMyMDIzNjk5NTAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjEiLCJ0YWdfaWQiOjE2MTg1NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjQ4LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 HTTP/1.1
Host: 6fbb07e2de.7aa82805b9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:52 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 142.250.74.162 | 200 OK | 0 B |
URL HEAD HTTP/2pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP142.250.74.162:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subject*.g.doubleclick.net Fingerprint09:C3:90:43:D3:09:4E:26:62:79:17:6F:1D:33:E5:FA:DF:77:3E:7B ValidityTue, 16 Apr 2024 03:18:52 GMT - Tue, 09 Jul 2024 03:18:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Tue, 07 May 2024 21:58:52 GMT
expires: Tue, 07 May 2024 21:58:52 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 2011977934151048792
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51548
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=161855 | 157.90.84.242 | 204 No Content | 58 B |
URL OPTIONS HTTP/1.1fp.metricswpsh.com/fp?tag_id=161855 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash201328753d359ed6101fd718f40a0987 92830b97da5731bde623915dbee83f1442cd6d28 ec9c14d29249320bd6e9194a07a354616f9df7f39e4b899460dbe1ad1b686d36
POST /fp?tag_id=161855 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1835
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 07 May 2024 21:58:52 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.amdahost.com
Set-Cookie: id=17140135897630349840; Expires=Wed, 07 May 2025 21:58:52 GMT; Secure; SameSite=None
Vary: Origin
|
|
| fp.metricswpsh.com/fp?tag_id=179977 | 157.90.84.242 | 200 OK | 0 B |
URL POST HTTP/1.1fp.metricswpsh.com/fp?tag_id=179977 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=179977 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Tue, 07 May 2024 21:58:52 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.amdahost.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
|
|
| metricswpsh.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI0MTY0MzE1MDMyMDIzNjk5NTAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjEiLCJ0YWdfaWQiOjE3OTk3Nywic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjYyLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 | 88.198.136.228 | 200 OK | 0 B |
URL GET HTTP/2metricswpsh.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI0MTY0MzE1MDMyMDIzNjk5NTAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjEiLCJ0YWdfaWQiOjE3OTk3Nywic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjYyLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 IP88.198.136.228:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI0MTY0MzE1MDMyMDIzNjk5NTAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjEiLCJ0YWdfaWQiOjE3OTk3Nywic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjYyLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 HTTP/1.1
Host: metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 07 May 2024 21:58:52 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=179977 | 157.90.84.242 | 200 OK | 58 B |
URL POST HTTP/1.1fp.metricswpsh.com/fp?tag_id=179977 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash87385fcd2a67fc74d2fa67366ba68ea2 a604cdbb1d31ce257e8643eee9219c9c724c200c 9307cbb21345500294eae459b18a8ffb2bd2fcccd928a09efbc1e324fa9c9995
POST /fp?tag_id=179977 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1835
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 07 May 2024 21:58:52 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.amdahost.com
Set-Cookie: id=10305841945270701; Expires=Wed, 07 May 2025 21:58:52 GMT; Secure; SameSite=None
Vary: Origin
|
|
| my.rtmark.net/gid.js?userId=0080556fa6f641c4fcbb798cc9b6c36c | 139.45.195.8 | 200 OK | 65 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=0080556fa6f641c4fcbb798cc9b6c36c IP139.45.195.8:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash6a16378505db0affc425d3027a40686d 07b6602c01ff2e51927f67f7fce36259145c934c 6ac310ab9e74ab64b6e3b055aad04d42245e38f0ca46ed166a0cae2d9bd140b7
GET /gid.js?userId=0080556fa6f641c4fcbb798cc9b6c36c HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:58:52 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.amdahost.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080556fa6f641c4fcbb798cc9b6c36c; expires=Wed, 07 May 2025 21:58:52 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| nereserv.com/in/dip?event_id=6ef160fd-7461-408a-828d-a57571e89557&subid=308553955&spot_id=529502&created_at=2024-05-07&timezone=0&ver=1.141.0 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/2nereserv.com/in/dip?event_id=6ef160fd-7461-408a-828d-a57571e89557&subid=308553955&spot_id=529502&created_at=2024-05-07&timezone=0&ver=1.141.0 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?event_id=6ef160fd-7461-408a-828d-a57571e89557&subid=308553955&spot_id=529502&created_at=2024-05-07&timezone=0&ver=1.141.0 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 21:58:52 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| nereserv.com/in/dip?event_id=afd46660-1836-4a02-83fb-6cf43ad0bf29&subid=14364679&spot_id=560192&created_at=2024-05-07&timezone=0&ver=1.141.0 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/2nereserv.com/in/dip?event_id=afd46660-1836-4a02-83fb-6cf43ad0bf29&subid=14364679&spot_id=560192&created_at=2024-05-07&timezone=0&ver=1.141.0 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?event_id=afd46660-1836-4a02-83fb-6cf43ad0bf29&subid=14364679&spot_id=560192&created_at=2024-05-07&timezone=0&ver=1.141.0 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 21:58:52 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| mbdippex.com/in/multy | 94.130.198.6 | 200 OK | 0 B |
IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /in/multy HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.20.1
date: Tue, 07 May 2024 21:58:52 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| mbddip.com/in/dip?site=native-push&wl=1&event_id=35b7b5e6-7723-4c44-a55e-42976f6a23da&subid=1211831614&sid=2734670709&spot_id=560190&created_at=2024-05-07&timezone=0&ver=8.159.0&is_native=1 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/2mbddip.com/in/dip?site=native-push&wl=1&event_id=35b7b5e6-7723-4c44-a55e-42976f6a23da&subid=1211831614&sid=2734670709&spot_id=560190&created_at=2024-05-07&timezone=0&ver=8.159.0&is_native=1 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=35b7b5e6-7723-4c44-a55e-42976f6a23da&subid=1211831614&sid=2734670709&spot_id=560190&created_at=2024-05-07&timezone=0&ver=8.159.0&is_native=1 HTTP/1.1
Host: mbddip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 21:58:52 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 8d80fcb421.a700fb9c8d.com/63864341c121fc80a909f55d1d6303d1.js | 45.133.44.53 | 200 OK | 155 kB |
URL GET HTTP/28d80fcb421.a700fb9c8d.com/63864341c121fc80a909f55d1d6303d1.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subject8d80fcb421.a700fb9c8d.com Fingerprint42:A0:FF:40:15:C5:29:E2:8E:7E:8F:55:FE:A4:8A:15:E0:17:77:CF ValiditySat, 04 May 2024 02:20:27 GMT - Fri, 02 Aug 2024 02:20:26 GMT
File typegzip compressed data, from Unix Size155 kB (155307 bytes) Hash70da3c5ca922895fbd6e61456acb606b 5912632acac53aec4f662721e63e52c0f695d77b 62e44645e0f0fead205e2c179cf124a471e6e9df16a89ff9642fe34ee288dd3c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /63864341c121fc80a909f55d1d6303d1.js HTTP/1.1
Host: 8d80fcb421.a700fb9c8d.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:51 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 07 May 2024 12:02:58 GMT
etag: W/"663a1872-1ab3e"
content-encoding: gzip
expires: Tue, 07 May 2024 22:03:51 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP142.250.74.131:0
Hash5991db4ffbfc4b57b0f99a35a0e6a3d0 1b74b56ddc178de4587ef8898436cff19cc2c66b 17904ae58c5cfd605b9b96ef28a59c0b158141c0d69922267a677ff041ca24d9
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 May 2024 21:58:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| mbdippex.com/in/multy | 94.130.198.6 | 200 OK | 6.0 kB |
IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash04fdd9bdb87e9be2985bf1c96ed15e1c 7dbcc5c7dbc603123a25bb4b5e4c237761d2cb71 1555bfa75a01c303ea2a6a5b941eb958c1ba92ad65844c20ef1e3462fb27f512
POST /in/multy HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2185
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 21:58:53 GMT
content-type: application/json
content-length: 5961
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 172.67.164.241 | 301 Moved Permanently | 1.1 kB |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP172.67.164.241:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashe92708eeec7a4f42e33c58a81bc4d366 3df64b050f9d94dc80c04a7364a5f5c77edcf594 5b53e2bfdc6b5e529985335a205f947d68342bc1c1b7a93c3bc5b5c92ab7b2ad
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Tue, 07 May 2024 21:58:52 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vBXeByUVj4UpgtsZfTAjCb2XfWDbiRVvzWLDKzVqg2xrcXOUEViNf4WMka1WtGB%2FVcX%2FqkUPtZe%2FAWRlZ9FhfM9F5nuEmYM16%2FsHvrtMh44j1bfMr88XIlz7IDtvqwVX4eRHdapYK2%2BnZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88047952d90a56c0-OSL
alt-svc: h3=":443"; ma=86400
|
|
| pyknrhm5c.com/q/tdl/95/dnt/2025683/kep.js | 212.117.190.201 | 200 OK | 35 kB |
URL GET HTTP/2pyknrhm5c.com/q/tdl/95/dnt/2025683/kep.js IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerBuypass AS-983163327 Subject Fingerprint8C:0B:00:37:E9:46:0D:D7:64:26:AF:BD:4B:AC:9D:E3:CA:27:CD:87 ValidityFri, 03 May 2024 21:32:33 GMT - Tue, 29 Oct 2024 22:59:00 GMT
File typeJavaScript source, ASCII text, with very long lines (65107) Hashe0411427d3a21e45aeedb135ad163c3b fa7604ba1e0c74bb7f8ffb0d229ec10677872813 30e20e87ce0312c597365ca972e0e0bc4470a1ac11b6f6c026d5aa342d6576cd
GET /q/tdl/95/dnt/2025683/kep.js HTTP/1.1
Host: pyknrhm5c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:58:50 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-164ab"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| mbdippex.com/in/show/?tag_ab=b&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Da336b4df9f&refdom=www.amdahost.com&auction_time=1715119132&subid=1211831614&sid=2734670709&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Da336b4df9f%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=333d38b3bc9943d095fc32394c335cca&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3D_jQUrj0GjkXgvnlAARgS7KoXXsHFzEuyxFyw90Q01xTPsRoQjl4xVc_cOTAAwXbqF55rnxX9YV3RPd91rRK7irtM-dyx0rmQII_1jbDhXMtj5LBzxN9IiVogAUKTa-HKIwIpf4j8VQT0R-PIogMtbg3FhW7_pDfbre7HGHWEzScxq7WZB2IEXVuB_UQTseSsIv2pzPJTjaJrCPdqm4QWu1_21q_wqgQNfle7oxPw9nYJcg0yip3i1j2xggrKUe-l9bl2fSIJMlEIKbjD9jXZQ1652I5mhLG7zU4T9SzhKzTVEKdnFRoUHKe34qCm8O4ZuDGWzkyPcZgHnJh3PkoKxZLthu_Xi0yBbhHllAZQ0PH-4MUtFf6X8JCcIRkPe2Nyju8GZYrOLyg-tdg03N77u14lDC15HL8v4TnY0gOs5zZ9hELXmxajF40zC5mleYGFlq3Cnly1ZeqsES65KdNpuXXWXtBpCtjOdJ_gLqIbewyCGdLEejK-9yUxrGJPRo15BuxCJXSYDOZdolL1kUuA_clYQHtJdFYy6SfIY5ZyOAgeI0Py2czK-rTAPOJXn97tw20XcSfPuaGSKWIaXM3ICdJw6PWDrahfMkpWUh-IRFUlFwKW6PrZ0V11FHmKfpjYkTRKPDi1Cs31ifNiXIFYkk3U0U1rRdJQYyM1QTV3CaXYSYSFYTEyIb-Ka1zbcU9Wlgph-1RKGtmf_kaXLCfCpb4JlKQIrOoTx16IorlGEDo5RPuOXSEmw7e3ZUT38tOCV9MVxYVH1RU7jl4Ogta-Xa3Shl1ogk3HfFCDYwNIlR8i-s2XQYHyyGLylhstU_KToK4WZZyYX7ocFAC8TvO7enrR56Fonzm8PlsCLsS_0PfAc_ZKVoEHy8PTALlDfHAfFWBjf1O3OGLlc56iyOh5Q9gbn1EBPIdySEC6FyX_paEacxXKrBGkQktViD6GzWbxSXDae40sHG6aOLVKyL17l1zaz3TM3HdvPcR4iHdLawCmLxYgxAJwQftVz-2OU55uxHDjHGFzZNbPbhMQXbq_vCnMoswUViTVbnUH_1HlQdSUEksmZGq-eR49Gv2YYQQir20t75iLD-ljx7IG560jQdyszYF98f6Cq-c0psfKR3nj4cEemUmMyUnVJEzi3mT654GMMPZotyycuZpJFFM6EIPlH3-FraF2tQM16ZgSzJZsAh25trSeWuzJRWocn1mSUeIN4Y7cuBzotttibbwocPRXV02-mR0zIUj_HE1qL_hCNUiatN__w5BRckcKcXdfPijPW2jrsXfGtiji19q7R8OqqVnipYwogpWwp47ND9ALMGxn%26bid%3D0.0218843052409496&icons=JHoh5zR__WkbS5zm4hrdaC2ZK97vmcu84IZrSaYwn9CocCXznWysPZ4s4sWuHy-GWHZd7NZhuIFyD4viJmB8XGDueTuiljcKIMm_SqPvArfQRiAthfB0rSPR86AZxXP1TJ7ULPpVvleLKUDocRAlpOVfI5fvjRuamO57B-Kzp4tXeZYg83losJIO1jqBPPpjSieBa5Oz6dVp3W6goPTP_51ivgYqQLFhzK4TIDPD7OYe0oaaE9HjbgQMsDxNFzsMU3xZ2rDX8RJKPXypQAz65QZI0LQgy4p2-yfkhB0SVchRz67e2E1fY6lUFE-afoeEMgoKvRhgmQEhh5X_BQr4-7hmLGILQR8G7HHMY5hLqYyv7HZVw9ilzMF3vgxRZVzr3wU22wvQFmPBEi0WtIEMDJW2dTkkVxxuBStbVCgPTu808duCjXdsRLQFPxwzTGXraB84kwOMciR7hdYL_0Wm_WPL1gyiNi_2yX9U0wK4oks2bbl8sUwM-L7wI7MjvpWaNuIY1EL7XduxIlal2Ut8fTRr_FhOc6XpGJYIFhjT4vFSY2mJppT3VCsUpe6PP34Ibvbf775hSTqHwJMFkVnsf2CFtHOlObKEat_1dvUEYUfvnBCPCsosRplzr-yQAJBgnXkg1yN1JsrdNmBzD4W_0xTaF6kKmo1r82K94pn9bzPOVNpL6cccEBo9y8GcJFS1r8Nh9R2xjhfBMGDzFiIkoDJOXidF0IqvuxPN4C8gjygastHHFHNNBiGMw7Nh83u7YOFT3AQWgOBscqG-hDQV5a6YYQG6LK91DOE-rCRURrd-W929ymiezRuhId93cqs9p3pjvcDV80ciXC6dsF4oEn9gDX6c0ypRwgQEh13ZJSo6XjMhf4k4Q62HW4Ak9qZXKEDZM1YrURCgb8YxATYSfPY1eqsB74TXTtN-whAO0xcIL31wZh3dbHLB5AYCDLD7YTjtnjiUEil0jU0IgcCENAa9qVb2gOfAaFahg_9seUd25dTnt5tFmXKV0CWOW6lj_7xyPvz-KTiedXnmrYteHMj459zZIsmYD8PIRQbqhx75AEJbDbKo3AO81s-WOB7LxZdn8GwaQFqr2uadDxaAUb_33RZxV12gM7hyJfJ9m2owZsu-XcliCzyD_enfHCwO1BjTp1ARFG4-g_xaG8v8yU-zGDso7SdnUILb_v7mO_HV5MIofHEmwNtglNmcelgowHu30pUrK9YF50VY-p1xhZO4Zp8w3oPlaj3-B1RdqkcYIbFQOTPGZOfGJp5meJfYi-edus61-kYXvlsCS-Im1m36dP2l6UQO6Xxu8mQoIvEnoFkZmA&ext_cid=224906&px_id=73560190&min_cpm=0.0038056109265296764&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=1475945489521637793&skin_id=72&vertical_id=4&skin_test=0&from_cache=0&ecpm=0.03176602058410654&cpm=0.0218843052409496&verify_hash=26eff891a001f03cfd187fbaa362965a&is_native=1&real_bid=0.021792391559651278&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,90,5,33,98,130&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=1715291932&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777156%2Fconversions%2F3b69WTpe-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-4-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.03&cpa=c242ab5b-4b35-4239-ae2e-4d40665c0acd&prev_step_diff=865 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/2mbdippex.com/in/show/?tag_ab=b&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Da336b4df9f&refdom=www.amdahost.com&auction_time=1715119132&subid=1211831614&sid=2734670709&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Da336b4df9f%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=333d38b3bc9943d095fc32394c335cca&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3D_jQUrj0GjkXgvnlAARgS7KoXXsHFzEuyxFyw90Q01xTPsRoQjl4xVc_cOTAAwXbqF55rnxX9YV3RPd91rRK7irtM-dyx0rmQII_1jbDhXMtj5LBzxN9IiVogAUKTa-HKIwIpf4j8VQT0R-PIogMtbg3FhW7_pDfbre7HGHWEzScxq7WZB2IEXVuB_UQTseSsIv2pzPJTjaJrCPdqm4QWu1_21q_wqgQNfle7oxPw9nYJcg0yip3i1j2xggrKUe-l9bl2fSIJMlEIKbjD9jXZQ1652I5mhLG7zU4T9SzhKzTVEKdnFRoUHKe34qCm8O4ZuDGWzkyPcZgHnJh3PkoKxZLthu_Xi0yBbhHllAZQ0PH-4MUtFf6X8JCcIRkPe2Nyju8GZYrOLyg-tdg03N77u14lDC15HL8v4TnY0gOs5zZ9hELXmxajF40zC5mleYGFlq3Cnly1ZeqsES65KdNpuXXWXtBpCtjOdJ_gLqIbewyCGdLEejK-9yUxrGJPRo15BuxCJXSYDOZdolL1kUuA_clYQHtJdFYy6SfIY5ZyOAgeI0Py2czK-rTAPOJXn97tw20XcSfPuaGSKWIaXM3ICdJw6PWDrahfMkpWUh-IRFUlFwKW6PrZ0V11FHmKfpjYkTRKPDi1Cs31ifNiXIFYkk3U0U1rRdJQYyM1QTV3CaXYSYSFYTEyIb-Ka1zbcU9Wlgph-1RKGtmf_kaXLCfCpb4JlKQIrOoTx16IorlGEDo5RPuOXSEmw7e3ZUT38tOCV9MVxYVH1RU7jl4Ogta-Xa3Shl1ogk3HfFCDYwNIlR8i-s2XQYHyyGLylhstU_KToK4WZZyYX7ocFAC8TvO7enrR56Fonzm8PlsCLsS_0PfAc_ZKVoEHy8PTALlDfHAfFWBjf1O3OGLlc56iyOh5Q9gbn1EBPIdySEC6FyX_paEacxXKrBGkQktViD6GzWbxSXDae40sHG6aOLVKyL17l1zaz3TM3HdvPcR4iHdLawCmLxYgxAJwQftVz-2OU55uxHDjHGFzZNbPbhMQXbq_vCnMoswUViTVbnUH_1HlQdSUEksmZGq-eR49Gv2YYQQir20t75iLD-ljx7IG560jQdyszYF98f6Cq-c0psfKR3nj4cEemUmMyUnVJEzi3mT654GMMPZotyycuZpJFFM6EIPlH3-FraF2tQM16ZgSzJZsAh25trSeWuzJRWocn1mSUeIN4Y7cuBzotttibbwocPRXV02-mR0zIUj_HE1qL_hCNUiatN__w5BRckcKcXdfPijPW2jrsXfGtiji19q7R8OqqVnipYwogpWwp47ND9ALMGxn%26bid%3D0.0218843052409496&icons=JHoh5zR__WkbS5zm4hrdaC2ZK97vmcu84IZrSaYwn9CocCXznWysPZ4s4sWuHy-GWHZd7NZhuIFyD4viJmB8XGDueTuiljcKIMm_SqPvArfQRiAthfB0rSPR86AZxXP1TJ7ULPpVvleLKUDocRAlpOVfI5fvjRuamO57B-Kzp4tXeZYg83losJIO1jqBPPpjSieBa5Oz6dVp3W6goPTP_51ivgYqQLFhzK4TIDPD7OYe0oaaE9HjbgQMsDxNFzsMU3xZ2rDX8RJKPXypQAz65QZI0LQgy4p2-yfkhB0SVchRz67e2E1fY6lUFE-afoeEMgoKvRhgmQEhh5X_BQr4-7hmLGILQR8G7HHMY5hLqYyv7HZVw9ilzMF3vgxRZVzr3wU22wvQFmPBEi0WtIEMDJW2dTkkVxxuBStbVCgPTu808duCjXdsRLQFPxwzTGXraB84kwOMciR7hdYL_0Wm_WPL1gyiNi_2yX9U0wK4oks2bbl8sUwM-L7wI7MjvpWaNuIY1EL7XduxIlal2Ut8fTRr_FhOc6XpGJYIFhjT4vFSY2mJppT3VCsUpe6PP34Ibvbf775hSTqHwJMFkVnsf2CFtHOlObKEat_1dvUEYUfvnBCPCsosRplzr-yQAJBgnXkg1yN1JsrdNmBzD4W_0xTaF6kKmo1r82K94pn9bzPOVNpL6cccEBo9y8GcJFS1r8Nh9R2xjhfBMGDzFiIkoDJOXidF0IqvuxPN4C8gjygastHHFHNNBiGMw7Nh83u7YOFT3AQWgOBscqG-hDQV5a6YYQG6LK91DOE-rCRURrd-W929ymiezRuhId93cqs9p3pjvcDV80ciXC6dsF4oEn9gDX6c0ypRwgQEh13ZJSo6XjMhf4k4Q62HW4Ak9qZXKEDZM1YrURCgb8YxATYSfPY1eqsB74TXTtN-whAO0xcIL31wZh3dbHLB5AYCDLD7YTjtnjiUEil0jU0IgcCENAa9qVb2gOfAaFahg_9seUd25dTnt5tFmXKV0CWOW6lj_7xyPvz-KTiedXnmrYteHMj459zZIsmYD8PIRQbqhx75AEJbDbKo3AO81s-WOB7LxZdn8GwaQFqr2uadDxaAUb_33RZxV12gM7hyJfJ9m2owZsu-XcliCzyD_enfHCwO1BjTp1ARFG4-g_xaG8v8yU-zGDso7SdnUILb_v7mO_HV5MIofHEmwNtglNmcelgowHu30pUrK9YF50VY-p1xhZO4Zp8w3oPlaj3-B1RdqkcYIbFQOTPGZOfGJp5meJfYi-edus61-kYXvlsCS-Im1m36dP2l6UQO6Xxu8mQoIvEnoFkZmA&ext_cid=224906&px_id=73560190&min_cpm=0.0038056109265296764&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=1475945489521637793&skin_id=72&vertical_id=4&skin_test=0&from_cache=0&ecpm=0.03176602058410654&cpm=0.0218843052409496&verify_hash=26eff891a001f03cfd187fbaa362965a&is_native=1&real_bid=0.021792391559651278&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,90,5,33,98,130&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=1715291932&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777156%2Fconversions%2F3b69WTpe-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-4-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.03&cpa=c242ab5b-4b35-4239-ae2e-4d40665c0acd&prev_step_diff=865 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=b&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Da336b4df9f&refdom=www.amdahost.com&auction_time=1715119132&subid=1211831614&sid=2734670709&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Da336b4df9f%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=333d38b3bc9943d095fc32394c335cca&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3D_jQUrj0GjkXgvnlAARgS7KoXXsHFzEuyxFyw90Q01xTPsRoQjl4xVc_cOTAAwXbqF55rnxX9YV3RPd91rRK7irtM-dyx0rmQII_1jbDhXMtj5LBzxN9IiVogAUKTa-HKIwIpf4j8VQT0R-PIogMtbg3FhW7_pDfbre7HGHWEzScxq7WZB2IEXVuB_UQTseSsIv2pzPJTjaJrCPdqm4QWu1_21q_wqgQNfle7oxPw9nYJcg0yip3i1j2xggrKUe-l9bl2fSIJMlEIKbjD9jXZQ1652I5mhLG7zU4T9SzhKzTVEKdnFRoUHKe34qCm8O4ZuDGWzkyPcZgHnJh3PkoKxZLthu_Xi0yBbhHllAZQ0PH-4MUtFf6X8JCcIRkPe2Nyju8GZYrOLyg-tdg03N77u14lDC15HL8v4TnY0gOs5zZ9hELXmxajF40zC5mleYGFlq3Cnly1ZeqsES65KdNpuXXWXtBpCtjOdJ_gLqIbewyCGdLEejK-9yUxrGJPRo15BuxCJXSYDOZdolL1kUuA_clYQHtJdFYy6SfIY5ZyOAgeI0Py2czK-rTAPOJXn97tw20XcSfPuaGSKWIaXM3ICdJw6PWDrahfMkpWUh-IRFUlFwKW6PrZ0V11FHmKfpjYkTRKPDi1Cs31ifNiXIFYkk3U0U1rRdJQYyM1QTV3CaXYSYSFYTEyIb-Ka1zbcU9Wlgph-1RKGtmf_kaXLCfCpb4JlKQIrOoTx16IorlGEDo5RPuOXSEmw7e3ZUT38tOCV9MVxYVH1RU7jl4Ogta-Xa3Shl1ogk3HfFCDYwNIlR8i-s2XQYHyyGLylhstU_KToK4WZZyYX7ocFAC8TvO7enrR56Fonzm8PlsCLsS_0PfAc_ZKVoEHy8PTALlDfHAfFWBjf1O3OGLlc56iyOh5Q9gbn1EBPIdySEC6FyX_paEacxXKrBGkQktViD6GzWbxSXDae40sHG6aOLVKyL17l1zaz3TM3HdvPcR4iHdLawCmLxYgxAJwQftVz-2OU55uxHDjHGFzZNbPbhMQXbq_vCnMoswUViTVbnUH_1HlQdSUEksmZGq-eR49Gv2YYQQir20t75iLD-ljx7IG560jQdyszYF98f6Cq-c0psfKR3nj4cEemUmMyUnVJEzi3mT654GMMPZotyycuZpJFFM6EIPlH3-FraF2tQM16ZgSzJZsAh25trSeWuzJRWocn1mSUeIN4Y7cuBzotttibbwocPRXV02-mR0zIUj_HE1qL_hCNUiatN__w5BRckcKcXdfPijPW2jrsXfGtiji19q7R8OqqVnipYwogpWwp47ND9ALMGxn%26bid%3D0.0218843052409496&icons=JHoh5zR__WkbS5zm4hrdaC2ZK97vmcu84IZrSaYwn9CocCXznWysPZ4s4sWuHy-GWHZd7NZhuIFyD4viJmB8XGDueTuiljcKIMm_SqPvArfQRiAthfB0rSPR86AZxXP1TJ7ULPpVvleLKUDocRAlpOVfI5fvjRuamO57B-Kzp4tXeZYg83losJIO1jqBPPpjSieBa5Oz6dVp3W6goPTP_51ivgYqQLFhzK4TIDPD7OYe0oaaE9HjbgQMsDxNFzsMU3xZ2rDX8RJKPXypQAz65QZI0LQgy4p2-yfkhB0SVchRz67e2E1fY6lUFE-afoeEMgoKvRhgmQEhh5X_BQr4-7hmLGILQR8G7HHMY5hLqYyv7HZVw9ilzMF3vgxRZVzr3wU22wvQFmPBEi0WtIEMDJW2dTkkVxxuBStbVCgPTu808duCjXdsRLQFPxwzTGXraB84kwOMciR7hdYL_0Wm_WPL1gyiNi_2yX9U0wK4oks2bbl8sUwM-L7wI7MjvpWaNuIY1EL7XduxIlal2Ut8fTRr_FhOc6XpGJYIFhjT4vFSY2mJppT3VCsUpe6PP34Ibvbf775hSTqHwJMFkVnsf2CFtHOlObKEat_1dvUEYUfvnBCPCsosRplzr-yQAJBgnXkg1yN1JsrdNmBzD4W_0xTaF6kKmo1r82K94pn9bzPOVNpL6cccEBo9y8GcJFS1r8Nh9R2xjhfBMGDzFiIkoDJOXidF0IqvuxPN4C8gjygastHHFHNNBiGMw7Nh83u7YOFT3AQWgOBscqG-hDQV5a6YYQG6LK91DOE-rCRURrd-W929ymiezRuhId93cqs9p3pjvcDV80ciXC6dsF4oEn9gDX6c0ypRwgQEh13ZJSo6XjMhf4k4Q62HW4Ak9qZXKEDZM1YrURCgb8YxATYSfPY1eqsB74TXTtN-whAO0xcIL31wZh3dbHLB5AYCDLD7YTjtnjiUEil0jU0IgcCENAa9qVb2gOfAaFahg_9seUd25dTnt5tFmXKV0CWOW6lj_7xyPvz-KTiedXnmrYteHMj459zZIsmYD8PIRQbqhx75AEJbDbKo3AO81s-WOB7LxZdn8GwaQFqr2uadDxaAUb_33RZxV12gM7hyJfJ9m2owZsu-XcliCzyD_enfHCwO1BjTp1ARFG4-g_xaG8v8yU-zGDso7SdnUILb_v7mO_HV5MIofHEmwNtglNmcelgowHu30pUrK9YF50VY-p1xhZO4Zp8w3oPlaj3-B1RdqkcYIbFQOTPGZOfGJp5meJfYi-edus61-kYXvlsCS-Im1m36dP2l6UQO6Xxu8mQoIvEnoFkZmA&ext_cid=224906&px_id=73560190&min_cpm=0.0038056109265296764&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=1475945489521637793&skin_id=72&vertical_id=4&skin_test=0&from_cache=0&ecpm=0.03176602058410654&cpm=0.0218843052409496&verify_hash=26eff891a001f03cfd187fbaa362965a&is_native=1&real_bid=0.021792391559651278&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,90,5,33,98,130&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=1715291932&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777156%2Fconversions%2F3b69WTpe-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-4-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.03&cpa=c242ab5b-4b35-4239-ae2e-4d40665c0acd&prev_step_diff=865 HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 21:58:53 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.03&cpa=5493cf58-2834-4042-9386-37a6aa7ac237&prev_step_diff=865 | 45.133.44.24 | 200 OK | 486 B |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.03&cpa=5493cf58-2834-4042-9386-37a6aa7ac237&prev_step_diff=865 IP45.133.44.24:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hashceeb4e8840c24621c0e0352b42b38a5b 03cbceb0134a39267014595938705e2916580644 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.03&cpa=5493cf58-2834-4042-9386-37a6aa7ac237&prev_step_diff=865 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:53 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Wed, 07 May 2025 21:58:53 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| b57dqedu4.com/t/9/fret/meow4/2020088/0d68ddef.js | 212.117.190.201 | 200 OK | 42 kB |
URL GET HTTP/2b57dqedu4.com/t/9/fret/meow4/2020088/0d68ddef.js IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerBuypass AS-983163327 Subject Fingerprint17:76:24:C2:1F:79:27:A6:BF:60:AC:48:E1:7E:44:F5:FA:36:EB:6B ValidityWed, 01 May 2024 14:25:07 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typegzip compressed data, max speed, from Unix Hashed73757f570b77559407bd01e9a28ef3 441c449728a8e2c0b27271ba455f5fc925effb13 42829f7b20ef0495fd43043f0e6620ab71297b3d832df45902607e6939ffd549
GET /t/9/fret/meow4/2020088/0d68ddef.js HTTP/1.1
Host: b57dqedu4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:58:50 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-1a022"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP142.250.74.131:0
Hashd59e53e22f3681f080bc6a493b7508a1 50ec966f62f5efce0a5fbea8917c5c5b025eaccf cffc1da003262cd2907f76fb611cccac521441669302d10fae3aeb0c9a81c181
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 May 2024 21:58:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| js.mbidinp.com/npc/sdk/wpu/npush.m.js | 45.133.44.52 | 200 OK | 47 kB |
URL GET HTTP/2js.mbidinp.com/npc/sdk/wpu/npush.m.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectjs.mbidinp.com FingerprintB8:EA:0B:88:14:F5:73:F1:FE:F1:D5:59:09:E6:70:08:F2:1C:4A:5C ValidityMon, 22 Apr 2024 03:00:30 GMT - Sun, 21 Jul 2024 03:00:29 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashe9a99cf4fe67053d3ea4f901e5b36134 dbe5500429914be483005df0426abd4725bd3d43 ad88d51f659137b74a6147bdb86a977cccff9a077568164ad613467ead7b60c9
GET /npc/sdk/wpu/npush.m.js HTTP/1.1
Host: js.mbidinp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:52 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 25 Apr 2024 13:18:02 GMT
etag: W/"662a580a-29278"
content-encoding: gzip
expires: Tue, 07 May 2024 22:03:52 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| js.mbidpp.com/popunder-admanager/build.m.js | 45.133.44.53 | 200 OK | 31 kB |
URL GET HTTP/2js.mbidpp.com/popunder-admanager/build.m.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectjs.mbidpp.com Fingerprint5B:B3:95:84:D0:2B:0C:9A:68:98:53:B0:A4:A5:68:88:B2:A5:5F:82 ValidityThu, 18 Apr 2024 03:01:11 GMT - Wed, 17 Jul 2024 03:01:10 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash45e3bfc69e143da7135b44b8d0a5a953 dbcddd0502412379c7f8810360967765d9410f85 ae3b2b650a44abbca914ce48803e9a6c8c74c89f89815132cceefa1f657128ed
GET /popunder-admanager/build.m.js HTTP/1.1
Host: js.mbidpp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:52 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 06 May 2024 08:27:28 GMT
etag: W/"66389470-189f7"
content-encoding: gzip
expires: Tue, 07 May 2024 22:03:52 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| imdn.pics/m/p/0/777/777156/conversions/3b69WTpe-minify.jpg | 45.133.44.25 | 200 OK | 10 kB |
URL GET HTTP/2imdn.pics/m/p/0/777/777156/conversions/3b69WTpe-minify.jpg IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectimdn.pics Fingerprint1B:F0:2A:16:F2:A2:CB:23:EA:4E:5D:DE:96:E2:AF:CC:A0:41:03:E5 ValidityTue, 12 Mar 2024 03:00:56 GMT - Mon, 10 Jun 2024 03:00:55 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 360x240, components 3 Hashd27321438be78f72c18f84cecb85c11e 31084685ba871245f90f4ac23949bc4aa37ce39b d08796c038822a8e5b0b8f249dda868ce114459c911091b0969acf32df501b98
GET /m/p/0/777/777156/conversions/3b69WTpe-minify.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:53 GMT
content-type: image/jpeg
content-length: 10147
server: nginx
last-modified: Tue, 09 Apr 2024 19:44:54 GMT
etag: "66159ab6-27a3"
x-request-id: a42fb51f65ac1ae8733899620e4ac07b
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mpougdusr.com/chicken.gif?z=2020090&pb=13d346c8805ab092457543f62541c3ca1715126331&psp=lSsDGaeRxYSYAmUe_Y1mVkWt0wKPYvG5Li-lfPex_zY08GVkG1rVvjVBR_jQXMhVW3cEoPba3iEIfSFa_5FFSSeYJl9jncqjZq3DcCwOIFK_bR0KBne1yDK6GrLYMDzEluLOGpPrT-oVJQ1xvMqJWGyZpAxAJgZp9yYDVgDEHycZcVEkoMTy_1RWZKAn0c9tTkyaqk_sLi418hxpdiKuh-WqROe65xAPLyf-LwSc441UnByJSikpsRdSLN7Zjd1L1-mrW5eKEQkSFDNehu9_Uo8VoDZnND5hZL7jhZrpjs_78LtysFrBZSUvMEapy2_zCUxwvokn0qS4TVTuYML1YLjqcStGYcgLzEjeUwUIs74nNhCYQX-5iGo1jvHWt5MuOu0s7HKtCQtWepqSVyf949GDCTruOXl5hoAQE1nxV4O3bIpx_oej_6o8cFVXeAA1Wd5eRUqvNN-V-ORNEJ71Fs_C7Lb5n0zafVhm39JIfmbnW3iWIt0kGJjYtvS6IO5HovZMG44YcKISUE6iC79edF5JAF8uWQOPIFa_wRYWWVSy8DwW2Jkun0thBBbQjvwwoFgxGdxKR7AMbcWJYd6sl-jKWDxYK7xntVHJYaj-C7N-gPKW71A_Qbu_rbBxEYmua8oVM-c9k8En0xkWAyinXaignGvn3PJD28M4e_hvsVOKVFqtRdBCuBjrAK8_XEq-Q9FoNrJCjFJ34YFKkMeFFANOunP-tSGEO8R6vM0JP932lo0ZtYezAf3dXcsBQgJs4Da06AX5lS2uP6HmZF7FcpDdxJzq6lPnbFYGSvt0omCqZyI1buG49hKQ8-inTW5YjF59TqJa5Tf2UvM37_yiAaTCkS7OyCNjJ9I3SMzVELA0jkvhtAFbHUdSEIgYwfkCENx8kpcAS7uUQfrqc6a2ndMyIBkodugZbwpsxgGmrB1C1h1rQKQ16pZ-a8-C9vXlcHijd2gTZ9rK4HYeV7Yao40nmjfOIUL7wDYZmZ3srsIPjLDSz3F0HtAzILE3elLQOY3S3jibEGaeOe3tjHkZXXmd0GOtw9SC1IE6zlwQbjSw0lU0Xv9iKPM6-EPVZYeEanBFcONO1PKiLkqJRxfFtYE-9XEJmkAdwYNjY8JkaX5qHHBSKtlFmJCvPh_B4atOoISsRW6eXIuReeGOL8KIkIYrGOfKkKWugjAswehgzYCtFVjMTSZc_4ekiZ2G6fhLp6-IFGcvMuSt5KSBf-WP1MR45OapT__Dj6Lp69n37_2RLyJCRgFwsVAnT1sICiEg_OrQLvMTMST4LoMcTf-r5JnslCjYaH7JRMfWt2X9c58fRdeGY7JjPPYLXiqTSa9hEQyMd3Cpfb8tSKZN-9z5mOg-AetVWcUHdBydJDWSSzsmlfP9b9jvdmazgiyI_jHL8xzJ2YsuDZfyGe83fy_drtNLQZXWWosW3Z4CyPYXIbzcNGlZc-p3qThCvBE_dK5t_s6zUYi8cuEogwaEX-3gEQnxqZcg60kVBXlFm1lDAT4OkmP3xpozXezt0rpTdwVXCfS3SAgt2ELmBLCqsidrgC1WXmAARmhX0F3R8gJ_KT4x60u2WFFWwVNUYlJAavuDRRz6NoWs9PnjxIDBqcRubtA7kJycGH5IFwQ47FGlVEBj31cwLOT7BMYt0pLYFPk6KNzYh3W7gKW30Ys5TJ_d4kvvCKHcnlVlPB2bSuCSHsJhNloruNpIFWKeV84md39NCGuzXSqxZ7wwO-2QIo1MlfUJsehqnBojvxhJ-brfmP6Fw5jbr7wNy5jigAIHZYQmi5CbWJ4DreiU-4jgnQJIfuPN5rUMZD2eKL3vFDJ9lrWrFgaon5cKPCh2hZZNxcKwDUOIiKwpv5MCPxstrBj4js8lo1nY7QH1botYZKZumSIsvWshdyu6uctRPpYa0kCU741kuX2coED0QrPpp_vqDVr6I4mYSJHDUdjd4t6N3C4u7BualUGZFVjv3GHM3p9Bo0Sk0Deum_PG4g4_qWK-ZPk5eN7kBosQAIwZUgTVgcUg2v4AtGDZW6j8GXKcqDEH9HA6BIbxIECykBOhAEW5A3j8zgZQdfDl2kMMmnBLTV9W2lJ4u9eALIx5IFJxXTDHnSXhBRMi1TFMhlpkrU_djbVkNrtjzXI5H5SF4EGdQGRo88ucfQCbW1vPs-CRvz432Xu36oqeSDWc5OO1e5zDdDKop0M_ULhYDVnVfU_GGHHx_WyMHVJRd3hZbkq58PfWyE2SkNHyB_dM9eE0jGwxJ0PMCi6Td0GkvqHy4KVZZagtsE_g8dEW2Z5lO8YIjZRZqH13OgF-6POibxAolggThxfuHGPoyEtwEu5COqsPbmhYTXTZfBhpDERPlJLPm42S5TBPOMaWl2zejggM1sMQcUZHjqReY5nRLL5jABsMqgKOAuQczSVRt8raeOuGA6klRp8RB2MA595378n5EdaANCvoTsHcKwk8VLOD71huBWUVqTXnUpZ2OBa9hF2m_LkunJGu3t7hMUHGEBkNrb2tnCoWvgjKlwq7V6XtiyS6S3jiJDeiUFmbvoGJbat1fyW_83OcOOXlUfEtozmNPSdANwPpiDYILuXeS_A8ue8WewoaLH0kQlgNcTDEVrSaNU4JaWCDUO_SwdFrKgWLgDuWW3JZdT5-R23kjqzTLTH8FOxIgW9lFtmyjrzb7ny1D63Xsui69gQaT_uMIzt6eZsvpi66Zv4Br-Bwft-s1xFoj3dwoufzgX10Wz_5chYx3yKkS9CGVlOqpi1PB_Z2CebHDp2bsJotx4Fe7rBE7jwhMSNnw3SoOsUYLHq0kOP5LzHPkYWBgjW5nmH4-aWebZlukkPSsSgfynCgyY7p7HrCnMURiDrQGRrNecI5OqRDbWuO1CYFfUiDAAMSCK6h3QoDpJ1cUaSzsTUcNAuJA6SE7PdZ5Y2tQCA1cNj80yW1m_5BIqrRC6EeVWCXxoa13xIyLtjDveR2oN4-YLXxVL8xeqMn3xXmNHFzB85l0PRg4eJZoyMJ9Tuw8Dmww49kXh2uD3vhcpq5uzyBzxUxJIvGUUEZVHjUPwgmFrSlTEV8tULw2aL_G7RKDexww-w4NKUnLT7F0Np_KOoEidwai8ootpL6uR1KvHcjprGrgfwdA5lXJPOSrg567wyODFiHqW3dDdt9EUSOAd0pH-U24YeJCD8ts6v6H1wlfIC2BLPHa7KXIFbWV6xUy9fqVADQ22Mv2d-HlF8zlIz6H6kVoOiaEHDk0Ytxt5mq0GJdabutTAbdlY1DZCwsu_Rm1aY7hMtUuIFl3EeNwMRkQxfCM8aB1tcG3r2W-QLoVfYJdHiD0iPE6jflFmsEgEr0sH5lASXROfdFkO0rX1hQOB03tTnNkN0gOAj9ThKWYPIAaRDVMd4vhPrFtfsXZzqtUEXFEdb6iAKYO6GHNyz3zFcVy78Hp5-SvrG5GjbByparJPYHVyOztA8X3YiXPuwprOqYbSGtwuid9wXGcjy7fKWkAovGFcZYeAXMPBsBvP6koVvuaww21ORW5Cv1QYi5Y7e7zMvZhWBKPmjK8jUsc5ra3ouLTmR_o8zVbXiNZ28qB7BNKatbU23sKYzIJ5Px2-6Dvceqi-SgwszGt3dm2S_hGR14HKPYMEl88GlNh2PaGyAsjUONRbS-SgHk46fXDUKyGL0uQ5rH5LTECNvNV4p4k9XZkKVFfOll1lsgukOFbiiOav8rJnuQue_TffYYSXEYStZZGtBRminlSGArQp8MYrMCWBuQ_PUbnjV_N-8Q4mSWO1jqpSK9-02Hcd3lrW37F4OEc_FkEX3Cfc4CtLM2xRCL8c9AztIxEk0Z4PuZ_Cg8dSFqW3NfLBUPsUCcffDxy_nvsmtAADSXkqE0tlBnchMtf7j67jp3gLN2HmUDaMk-GOZFXKwSGwiwIRR3PCpUUjRAta1yvtuwq1Zxpefrqdgc1xBJDKHnHk60RdMXXF71amBL6sTZ6HZggmelPUdIXAbrF3a_RrzlReYyfZQJW2O83zKyc-oUpnYqeyYqByP3WQ-ePEOwsGYX02ZT7pqEjEc_NVb0ucKjb5Fj9QJX9dRnwpEwValtqX1TFRQmTJ39cA-mcw==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1801251907638272&eclog=0&im=1 | 212.117.190.201 | 200 OK | 43 B |
URL GET HTTP/2mpougdusr.com/chicken.gif?z=2020090&pb=13d346c8805ab092457543f62541c3ca1715126331&psp=lSsDGaeRxYSYAmUe_Y1mVkWt0wKPYvG5Li-lfPex_zY08GVkG1rVvjVBR_jQXMhVW3cEoPba3iEIfSFa_5FFSSeYJl9jncqjZq3DcCwOIFK_bR0KBne1yDK6GrLYMDzEluLOGpPrT-oVJQ1xvMqJWGyZpAxAJgZp9yYDVgDEHycZcVEkoMTy_1RWZKAn0c9tTkyaqk_sLi418hxpdiKuh-WqROe65xAPLyf-LwSc441UnByJSikpsRdSLN7Zjd1L1-mrW5eKEQkSFDNehu9_Uo8VoDZnND5hZL7jhZrpjs_78LtysFrBZSUvMEapy2_zCUxwvokn0qS4TVTuYML1YLjqcStGYcgLzEjeUwUIs74nNhCYQX-5iGo1jvHWt5MuOu0s7HKtCQtWepqSVyf949GDCTruOXl5hoAQE1nxV4O3bIpx_oej_6o8cFVXeAA1Wd5eRUqvNN-V-ORNEJ71Fs_C7Lb5n0zafVhm39JIfmbnW3iWIt0kGJjYtvS6IO5HovZMG44YcKISUE6iC79edF5JAF8uWQOPIFa_wRYWWVSy8DwW2Jkun0thBBbQjvwwoFgxGdxKR7AMbcWJYd6sl-jKWDxYK7xntVHJYaj-C7N-gPKW71A_Qbu_rbBxEYmua8oVM-c9k8En0xkWAyinXaignGvn3PJD28M4e_hvsVOKVFqtRdBCuBjrAK8_XEq-Q9FoNrJCjFJ34YFKkMeFFANOunP-tSGEO8R6vM0JP932lo0ZtYezAf3dXcsBQgJs4Da06AX5lS2uP6HmZF7FcpDdxJzq6lPnbFYGSvt0omCqZyI1buG49hKQ8-inTW5YjF59TqJa5Tf2UvM37_yiAaTCkS7OyCNjJ9I3SMzVELA0jkvhtAFbHUdSEIgYwfkCENx8kpcAS7uUQfrqc6a2ndMyIBkodugZbwpsxgGmrB1C1h1rQKQ16pZ-a8-C9vXlcHijd2gTZ9rK4HYeV7Yao40nmjfOIUL7wDYZmZ3srsIPjLDSz3F0HtAzILE3elLQOY3S3jibEGaeOe3tjHkZXXmd0GOtw9SC1IE6zlwQbjSw0lU0Xv9iKPM6-EPVZYeEanBFcONO1PKiLkqJRxfFtYE-9XEJmkAdwYNjY8JkaX5qHHBSKtlFmJCvPh_B4atOoISsRW6eXIuReeGOL8KIkIYrGOfKkKWugjAswehgzYCtFVjMTSZc_4ekiZ2G6fhLp6-IFGcvMuSt5KSBf-WP1MR45OapT__Dj6Lp69n37_2RLyJCRgFwsVAnT1sICiEg_OrQLvMTMST4LoMcTf-r5JnslCjYaH7JRMfWt2X9c58fRdeGY7JjPPYLXiqTSa9hEQyMd3Cpfb8tSKZN-9z5mOg-AetVWcUHdBydJDWSSzsmlfP9b9jvdmazgiyI_jHL8xzJ2YsuDZfyGe83fy_drtNLQZXWWosW3Z4CyPYXIbzcNGlZc-p3qThCvBE_dK5t_s6zUYi8cuEogwaEX-3gEQnxqZcg60kVBXlFm1lDAT4OkmP3xpozXezt0rpTdwVXCfS3SAgt2ELmBLCqsidrgC1WXmAARmhX0F3R8gJ_KT4x60u2WFFWwVNUYlJAavuDRRz6NoWs9PnjxIDBqcRubtA7kJycGH5IFwQ47FGlVEBj31cwLOT7BMYt0pLYFPk6KNzYh3W7gKW30Ys5TJ_d4kvvCKHcnlVlPB2bSuCSHsJhNloruNpIFWKeV84md39NCGuzXSqxZ7wwO-2QIo1MlfUJsehqnBojvxhJ-brfmP6Fw5jbr7wNy5jigAIHZYQmi5CbWJ4DreiU-4jgnQJIfuPN5rUMZD2eKL3vFDJ9lrWrFgaon5cKPCh2hZZNxcKwDUOIiKwpv5MCPxstrBj4js8lo1nY7QH1botYZKZumSIsvWshdyu6uctRPpYa0kCU741kuX2coED0QrPpp_vqDVr6I4mYSJHDUdjd4t6N3C4u7BualUGZFVjv3GHM3p9Bo0Sk0Deum_PG4g4_qWK-ZPk5eN7kBosQAIwZUgTVgcUg2v4AtGDZW6j8GXKcqDEH9HA6BIbxIECykBOhAEW5A3j8zgZQdfDl2kMMmnBLTV9W2lJ4u9eALIx5IFJxXTDHnSXhBRMi1TFMhlpkrU_djbVkNrtjzXI5H5SF4EGdQGRo88ucfQCbW1vPs-CRvz432Xu36oqeSDWc5OO1e5zDdDKop0M_ULhYDVnVfU_GGHHx_WyMHVJRd3hZbkq58PfWyE2SkNHyB_dM9eE0jGwxJ0PMCi6Td0GkvqHy4KVZZagtsE_g8dEW2Z5lO8YIjZRZqH13OgF-6POibxAolggThxfuHGPoyEtwEu5COqsPbmhYTXTZfBhpDERPlJLPm42S5TBPOMaWl2zejggM1sMQcUZHjqReY5nRLL5jABsMqgKOAuQczSVRt8raeOuGA6klRp8RB2MA595378n5EdaANCvoTsHcKwk8VLOD71huBWUVqTXnUpZ2OBa9hF2m_LkunJGu3t7hMUHGEBkNrb2tnCoWvgjKlwq7V6XtiyS6S3jiJDeiUFmbvoGJbat1fyW_83OcOOXlUfEtozmNPSdANwPpiDYILuXeS_A8ue8WewoaLH0kQlgNcTDEVrSaNU4JaWCDUO_SwdFrKgWLgDuWW3JZdT5-R23kjqzTLTH8FOxIgW9lFtmyjrzb7ny1D63Xsui69gQaT_uMIzt6eZsvpi66Zv4Br-Bwft-s1xFoj3dwoufzgX10Wz_5chYx3yKkS9CGVlOqpi1PB_Z2CebHDp2bsJotx4Fe7rBE7jwhMSNnw3SoOsUYLHq0kOP5LzHPkYWBgjW5nmH4-aWebZlukkPSsSgfynCgyY7p7HrCnMURiDrQGRrNecI5OqRDbWuO1CYFfUiDAAMSCK6h3QoDpJ1cUaSzsTUcNAuJA6SE7PdZ5Y2tQCA1cNj80yW1m_5BIqrRC6EeVWCXxoa13xIyLtjDveR2oN4-YLXxVL8xeqMn3xXmNHFzB85l0PRg4eJZoyMJ9Tuw8Dmww49kXh2uD3vhcpq5uzyBzxUxJIvGUUEZVHjUPwgmFrSlTEV8tULw2aL_G7RKDexww-w4NKUnLT7F0Np_KOoEidwai8ootpL6uR1KvHcjprGrgfwdA5lXJPOSrg567wyODFiHqW3dDdt9EUSOAd0pH-U24YeJCD8ts6v6H1wlfIC2BLPHa7KXIFbWV6xUy9fqVADQ22Mv2d-HlF8zlIz6H6kVoOiaEHDk0Ytxt5mq0GJdabutTAbdlY1DZCwsu_Rm1aY7hMtUuIFl3EeNwMRkQxfCM8aB1tcG3r2W-QLoVfYJdHiD0iPE6jflFmsEgEr0sH5lASXROfdFkO0rX1hQOB03tTnNkN0gOAj9ThKWYPIAaRDVMd4vhPrFtfsXZzqtUEXFEdb6iAKYO6GHNyz3zFcVy78Hp5-SvrG5GjbByparJPYHVyOztA8X3YiXPuwprOqYbSGtwuid9wXGcjy7fKWkAovGFcZYeAXMPBsBvP6koVvuaww21ORW5Cv1QYi5Y7e7zMvZhWBKPmjK8jUsc5ra3ouLTmR_o8zVbXiNZ28qB7BNKatbU23sKYzIJ5Px2-6Dvceqi-SgwszGt3dm2S_hGR14HKPYMEl88GlNh2PaGyAsjUONRbS-SgHk46fXDUKyGL0uQ5rH5LTECNvNV4p4k9XZkKVFfOll1lsgukOFbiiOav8rJnuQue_TffYYSXEYStZZGtBRminlSGArQp8MYrMCWBuQ_PUbnjV_N-8Q4mSWO1jqpSK9-02Hcd3lrW37F4OEc_FkEX3Cfc4CtLM2xRCL8c9AztIxEk0Z4PuZ_Cg8dSFqW3NfLBUPsUCcffDxy_nvsmtAADSXkqE0tlBnchMtf7j67jp3gLN2HmUDaMk-GOZFXKwSGwiwIRR3PCpUUjRAta1yvtuwq1Zxpefrqdgc1xBJDKHnHk60RdMXXF71amBL6sTZ6HZggmelPUdIXAbrF3a_RrzlReYyfZQJW2O83zKyc-oUpnYqeyYqByP3WQ-ePEOwsGYX02ZT7pqEjEc_NVb0ucKjb5Fj9QJX9dRnwpEwValtqX1TFRQmTJ39cA-mcw==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1801251907638272&eclog=0&im=1 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerBuypass AS-983163327 Subject Fingerprint96:80:FC:87:80:4A:3B:59:5A:2E:82:5A:B8:1D:9D:47:78:21:AA:66 ValidityWed, 01 May 2024 14:41:50 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=2020090&pb=13d346c8805ab092457543f62541c3ca1715126331&psp=lSsDGaeRxYSYAmUe_Y1mVkWt0wKPYvG5Li-lfPex_zY08GVkG1rVvjVBR_jQXMhVW3cEoPba3iEIfSFa_5FFSSeYJl9jncqjZq3DcCwOIFK_bR0KBne1yDK6GrLYMDzEluLOGpPrT-oVJQ1xvMqJWGyZpAxAJgZp9yYDVgDEHycZcVEkoMTy_1RWZKAn0c9tTkyaqk_sLi418hxpdiKuh-WqROe65xAPLyf-LwSc441UnByJSikpsRdSLN7Zjd1L1-mrW5eKEQkSFDNehu9_Uo8VoDZnND5hZL7jhZrpjs_78LtysFrBZSUvMEapy2_zCUxwvokn0qS4TVTuYML1YLjqcStGYcgLzEjeUwUIs74nNhCYQX-5iGo1jvHWt5MuOu0s7HKtCQtWepqSVyf949GDCTruOXl5hoAQE1nxV4O3bIpx_oej_6o8cFVXeAA1Wd5eRUqvNN-V-ORNEJ71Fs_C7Lb5n0zafVhm39JIfmbnW3iWIt0kGJjYtvS6IO5HovZMG44YcKISUE6iC79edF5JAF8uWQOPIFa_wRYWWVSy8DwW2Jkun0thBBbQjvwwoFgxGdxKR7AMbcWJYd6sl-jKWDxYK7xntVHJYaj-C7N-gPKW71A_Qbu_rbBxEYmua8oVM-c9k8En0xkWAyinXaignGvn3PJD28M4e_hvsVOKVFqtRdBCuBjrAK8_XEq-Q9FoNrJCjFJ34YFKkMeFFANOunP-tSGEO8R6vM0JP932lo0ZtYezAf3dXcsBQgJs4Da06AX5lS2uP6HmZF7FcpDdxJzq6lPnbFYGSvt0omCqZyI1buG49hKQ8-inTW5YjF59TqJa5Tf2UvM37_yiAaTCkS7OyCNjJ9I3SMzVELA0jkvhtAFbHUdSEIgYwfkCENx8kpcAS7uUQfrqc6a2ndMyIBkodugZbwpsxgGmrB1C1h1rQKQ16pZ-a8-C9vXlcHijd2gTZ9rK4HYeV7Yao40nmjfOIUL7wDYZmZ3srsIPjLDSz3F0HtAzILE3elLQOY3S3jibEGaeOe3tjHkZXXmd0GOtw9SC1IE6zlwQbjSw0lU0Xv9iKPM6-EPVZYeEanBFcONO1PKiLkqJRxfFtYE-9XEJmkAdwYNjY8JkaX5qHHBSKtlFmJCvPh_B4atOoISsRW6eXIuReeGOL8KIkIYrGOfKkKWugjAswehgzYCtFVjMTSZc_4ekiZ2G6fhLp6-IFGcvMuSt5KSBf-WP1MR45OapT__Dj6Lp69n37_2RLyJCRgFwsVAnT1sICiEg_OrQLvMTMST4LoMcTf-r5JnslCjYaH7JRMfWt2X9c58fRdeGY7JjPPYLXiqTSa9hEQyMd3Cpfb8tSKZN-9z5mOg-AetVWcUHdBydJDWSSzsmlfP9b9jvdmazgiyI_jHL8xzJ2YsuDZfyGe83fy_drtNLQZXWWosW3Z4CyPYXIbzcNGlZc-p3qThCvBE_dK5t_s6zUYi8cuEogwaEX-3gEQnxqZcg60kVBXlFm1lDAT4OkmP3xpozXezt0rpTdwVXCfS3SAgt2ELmBLCqsidrgC1WXmAARmhX0F3R8gJ_KT4x60u2WFFWwVNUYlJAavuDRRz6NoWs9PnjxIDBqcRubtA7kJycGH5IFwQ47FGlVEBj31cwLOT7BMYt0pLYFPk6KNzYh3W7gKW30Ys5TJ_d4kvvCKHcnlVlPB2bSuCSHsJhNloruNpIFWKeV84md39NCGuzXSqxZ7wwO-2QIo1MlfUJsehqnBojvxhJ-brfmP6Fw5jbr7wNy5jigAIHZYQmi5CbWJ4DreiU-4jgnQJIfuPN5rUMZD2eKL3vFDJ9lrWrFgaon5cKPCh2hZZNxcKwDUOIiKwpv5MCPxstrBj4js8lo1nY7QH1botYZKZumSIsvWshdyu6uctRPpYa0kCU741kuX2coED0QrPpp_vqDVr6I4mYSJHDUdjd4t6N3C4u7BualUGZFVjv3GHM3p9Bo0Sk0Deum_PG4g4_qWK-ZPk5eN7kBosQAIwZUgTVgcUg2v4AtGDZW6j8GXKcqDEH9HA6BIbxIECykBOhAEW5A3j8zgZQdfDl2kMMmnBLTV9W2lJ4u9eALIx5IFJxXTDHnSXhBRMi1TFMhlpkrU_djbVkNrtjzXI5H5SF4EGdQGRo88ucfQCbW1vPs-CRvz432Xu36oqeSDWc5OO1e5zDdDKop0M_ULhYDVnVfU_GGHHx_WyMHVJRd3hZbkq58PfWyE2SkNHyB_dM9eE0jGwxJ0PMCi6Td0GkvqHy4KVZZagtsE_g8dEW2Z5lO8YIjZRZqH13OgF-6POibxAolggThxfuHGPoyEtwEu5COqsPbmhYTXTZfBhpDERPlJLPm42S5TBPOMaWl2zejggM1sMQcUZHjqReY5nRLL5jABsMqgKOAuQczSVRt8raeOuGA6klRp8RB2MA595378n5EdaANCvoTsHcKwk8VLOD71huBWUVqTXnUpZ2OBa9hF2m_LkunJGu3t7hMUHGEBkNrb2tnCoWvgjKlwq7V6XtiyS6S3jiJDeiUFmbvoGJbat1fyW_83OcOOXlUfEtozmNPSdANwPpiDYILuXeS_A8ue8WewoaLH0kQlgNcTDEVrSaNU4JaWCDUO_SwdFrKgWLgDuWW3JZdT5-R23kjqzTLTH8FOxIgW9lFtmyjrzb7ny1D63Xsui69gQaT_uMIzt6eZsvpi66Zv4Br-Bwft-s1xFoj3dwoufzgX10Wz_5chYx3yKkS9CGVlOqpi1PB_Z2CebHDp2bsJotx4Fe7rBE7jwhMSNnw3SoOsUYLHq0kOP5LzHPkYWBgjW5nmH4-aWebZlukkPSsSgfynCgyY7p7HrCnMURiDrQGRrNecI5OqRDbWuO1CYFfUiDAAMSCK6h3QoDpJ1cUaSzsTUcNAuJA6SE7PdZ5Y2tQCA1cNj80yW1m_5BIqrRC6EeVWCXxoa13xIyLtjDveR2oN4-YLXxVL8xeqMn3xXmNHFzB85l0PRg4eJZoyMJ9Tuw8Dmww49kXh2uD3vhcpq5uzyBzxUxJIvGUUEZVHjUPwgmFrSlTEV8tULw2aL_G7RKDexww-w4NKUnLT7F0Np_KOoEidwai8ootpL6uR1KvHcjprGrgfwdA5lXJPOSrg567wyODFiHqW3dDdt9EUSOAd0pH-U24YeJCD8ts6v6H1wlfIC2BLPHa7KXIFbWV6xUy9fqVADQ22Mv2d-HlF8zlIz6H6kVoOiaEHDk0Ytxt5mq0GJdabutTAbdlY1DZCwsu_Rm1aY7hMtUuIFl3EeNwMRkQxfCM8aB1tcG3r2W-QLoVfYJdHiD0iPE6jflFmsEgEr0sH5lASXROfdFkO0rX1hQOB03tTnNkN0gOAj9ThKWYPIAaRDVMd4vhPrFtfsXZzqtUEXFEdb6iAKYO6GHNyz3zFcVy78Hp5-SvrG5GjbByparJPYHVyOztA8X3YiXPuwprOqYbSGtwuid9wXGcjy7fKWkAovGFcZYeAXMPBsBvP6koVvuaww21ORW5Cv1QYi5Y7e7zMvZhWBKPmjK8jUsc5ra3ouLTmR_o8zVbXiNZ28qB7BNKatbU23sKYzIJ5Px2-6Dvceqi-SgwszGt3dm2S_hGR14HKPYMEl88GlNh2PaGyAsjUONRbS-SgHk46fXDUKyGL0uQ5rH5LTECNvNV4p4k9XZkKVFfOll1lsgukOFbiiOav8rJnuQue_TffYYSXEYStZZGtBRminlSGArQp8MYrMCWBuQ_PUbnjV_N-8Q4mSWO1jqpSK9-02Hcd3lrW37F4OEc_FkEX3Cfc4CtLM2xRCL8c9AztIxEk0Z4PuZ_Cg8dSFqW3NfLBUPsUCcffDxy_nvsmtAADSXkqE0tlBnchMtf7j67jp3gLN2HmUDaMk-GOZFXKwSGwiwIRR3PCpUUjRAta1yvtuwq1Zxpefrqdgc1xBJDKHnHk60RdMXXF71amBL6sTZ6HZggmelPUdIXAbrF3a_RrzlReYyfZQJW2O83zKyc-oUpnYqeyYqByP3WQ-ePEOwsGYX02ZT7pqEjEc_NVb0ucKjb5Fj9QJX9dRnwpEwValtqX1TFRQmTJ39cA-mcw==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1801251907638272&eclog=0&im=1 HTTP/1.1
Host: mpougdusr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=24050716588a766461833e46d7a07208cc7a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:58:53 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACi7vAAAAAAAAAAB; Path=/; Expires=Thu, 06 Jun 2024 21:58:53 GMT; Secure; SameSite=None
OACIBLOCK=ACi7vAAAAABmObVQ; Path=/; Expires=Thu, 06 Jun 2024 21:58:53 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| imdn.pics/m/p/0/777/777155/conversions/R6Fcvd3Z-minify.jpg | 45.133.44.25 | 200 OK | 3.0 kB |
URL GET HTTP/2imdn.pics/m/p/0/777/777155/conversions/R6Fcvd3Z-minify.jpg IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectimdn.pics Fingerprint1B:F0:2A:16:F2:A2:CB:23:EA:4E:5D:DE:96:E2:AF:CC:A0:41:03:E5 ValidityTue, 12 Mar 2024 03:00:56 GMT - Mon, 10 Jun 2024 03:00:55 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 100x100, components 3 Hashbbd50a964fd18363b647225883bbb908 960383ba8379454c49adc0ed9c0faf681a898d61 58deb046cbfa7bfae5ed5290686bda50b55be2bf0ea62f1577ca135a8fdeb10e
GET /m/p/0/777/777155/conversions/R6Fcvd3Z-minify.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:53 GMT
content-type: image/jpeg
content-length: 2972
server: nginx
last-modified: Tue, 09 Apr 2024 19:44:46 GMT
etag: "66159aae-b9c"
x-request-id: bcbe6ea9e5034af8477860eea5b5ead2
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| nereserv.com/in/dip?event_id=6ef160fd-7461-408a-828d-a57571e89557&subid=308553955&spot_id=529502&created_at=2024-05-07&timezone=0&ver=1.141.0 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/2nereserv.com/in/dip?event_id=6ef160fd-7461-408a-828d-a57571e89557&subid=308553955&spot_id=529502&created_at=2024-05-07&timezone=0&ver=1.141.0 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?event_id=6ef160fd-7461-408a-828d-a57571e89557&subid=308553955&spot_id=529502&created_at=2024-05-07&timezone=0&ver=1.141.0 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 21:58:53 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| nereserv.com/in/dip?event_id=afd46660-1836-4a02-83fb-6cf43ad0bf29&subid=14364679&spot_id=560192&created_at=2024-05-07&timezone=0&ver=1.141.0 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/2nereserv.com/in/dip?event_id=afd46660-1836-4a02-83fb-6cf43ad0bf29&subid=14364679&spot_id=560192&created_at=2024-05-07&timezone=0&ver=1.141.0 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?event_id=afd46660-1836-4a02-83fb-6cf43ad0bf29&subid=14364679&spot_id=560192&created_at=2024-05-07&timezone=0&ver=1.141.0 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 21:58:53 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/rum? | 172.67.183.69 | 204 No Content | 0 B |
URL POST HTTP/3www.amdahost.com/cdn-cgi/rum? IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1068
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=a336b4df9f
Cookie: PHPSESSID=23d96268c344b423e82ca3859fc6e816; cf_clearance=TTIDFMGz1SyWV314.WvyzZfSEVvM0Va2UVfK.AJyRDE-1715119131-1.0.1.1-XvwRSqv6dRwRMWpDM.1YlsjRqHr2BIIr6vVa0aQTgY9AqlUtERg6JinYJeQAS7vWsHX5eV1YJxqvDUBOChpIqA; prefetchAd_7446033=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Tue, 07 May 2024 21:58:54 GMT
access-control-allow-origin: https://www.amdahost.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 8804795c5bfab52d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| mcpuwpsh.com/get/ | 94.130.197.240 | 200 OK | 6.5 kB |
IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hashabcc813046cf427be4c339a90dd850b9 81638702dfd54f8f3fbc99319d5e052cc320dac3 35c779e6a53eea35b2640bc046270cde919a0ce066352726f002606dba472935
POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1422
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.16.0
date: Tue, 07 May 2024 21:58:54 GMT
content-type: application/json
content-length: 6495
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/get/ | 94.130.197.240 | 200 OK | 6.5 kB |
IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hash7d6b9310eb7af793d4d78758319bce5f a69102511bd7f41df6fcfe13ce8f4ed835f834c0 b59010aa0aa05f4b3661df1803e584aaac7a15e349dd4046e13284c70b4f68df
POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1421
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.16.0
date: Tue, 07 May 2024 21:58:54 GMT
content-type: application/json
content-length: 6485
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| nereserv.com/in/dip?site=native-push&wl=1&event_id=03ebce33-2648-48ad-94e3-7905e4fd3d19&subid=1511354673&sid=3488177171&spot_id=529500&created_at=2024-05-07&timezone=0&ver=8.159.0&is_native=1 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/2nereserv.com/in/dip?site=native-push&wl=1&event_id=03ebce33-2648-48ad-94e3-7905e4fd3d19&subid=1511354673&sid=3488177171&spot_id=529500&created_at=2024-05-07&timezone=0&ver=8.159.0&is_native=1 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=03ebce33-2648-48ad-94e3-7905e4fd3d19&subid=1511354673&sid=3488177171&spot_id=529500&created_at=2024-05-07&timezone=0&ver=8.159.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 21:58:57 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 63cc093d48.f336d0935e.com/in/multy | 157.90.84.246 | 200 OK | 0 B |
URL POST HTTP/263cc093d48.f336d0935e.com/in/multy IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectf336d0935e.com FingerprintFC:39:EE:08:B2:B5:A2:11:69:1D:03:8B:B3:C4:CA:05:DB:3E:B1:82 ValidityFri, 03 May 2024 14:01:54 GMT - Thu, 01 Aug 2024 14:01:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /in/multy HTTP/1.1
Host: 63cc093d48.f336d0935e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.20.1
date: Tue, 07 May 2024 21:58:57 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 63cc093d48.f336d0935e.com/in/multy | 157.90.84.246 | 200 OK | 5.9 kB |
URL POST HTTP/263cc093d48.f336d0935e.com/in/multy IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectf336d0935e.com FingerprintFC:39:EE:08:B2:B5:A2:11:69:1D:03:8B:B3:C4:CA:05:DB:3E:B1:82 ValidityFri, 03 May 2024 14:01:54 GMT - Thu, 01 Aug 2024 14:01:53 GMT
Hashcaf11232711cb73f206edc33d03e52ee 1cd2f708c412a314ff409dfd59b6815cdf0edb2f 8ae6a762b1731539f22deae8c6a03c0404a2106c48a5752ba17ed8fcd129b3e3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /in/multy HTTP/1.1
Host: 63cc093d48.f336d0935e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2403
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 21:58:57 GMT
content-type: application/json
content-length: 5941
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=3dfbba53-e5a4-4586-90a0-7c0b9d9b71f8&prev_step_diff=858 | 45.133.44.24 | 200 OK | 486 B |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=3dfbba53-e5a4-4586-90a0-7c0b9d9b71f8&prev_step_diff=858 IP45.133.44.24:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hashceeb4e8840c24621c0e0352b42b38a5b 03cbceb0134a39267014595938705e2916580644 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=3dfbba53-e5a4-4586-90a0-7c0b9d9b71f8&prev_step_diff=858 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:58 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Wed, 07 May 2025 21:58:58 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 63cc093d48.f336d0935e.com/in/show/?tag_ab=b&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Da336b4df9f&refdom=www.amdahost.com&auction_time=1715119137&subid=1511354673&sid=3488177171&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=5258541072280280995&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Da336b4df9f%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Da336b4df9f%26idzone%3D0%26sid%3D1886&icons=GBpf3eHK0seB18OBxIJnrephFHTtPnh2y6Vr9roXJzC3FQxcf2s_1c685qRPpu-jxoVSdq2zTaNTeh3YL0OCRWGrhCMLFiFE_Ga42n9S10xe6FtIb4I85A2ma_pmMp_6cwsLE5X7zGperZn5lczgAMT1wuCpL__nCB4JMlZ3Mq0SqUYk6A&ext_cid=0&px_id=529500&min_cpm=0.09202212291281912&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=8409852034297138076&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.016677500219437567&cpm=0&verify_hash=a569d09d264c72e1684f5a923d0664b0&is_native=4&real_bid=0.0005014186267559986&original_bid_usd=0.0027666979999999997&original_bid=0.0027666979999999997&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=stage-skins-settings,test_skins&show_count=2&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027666979999999997&hostname=auc-inpage-hz-7-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000002766698&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=a82e0318-e8d3-4f19-aabb-43b57fc5862c&prev_step_diff=858 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/263cc093d48.f336d0935e.com/in/show/?tag_ab=b&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Da336b4df9f&refdom=www.amdahost.com&auction_time=1715119137&subid=1511354673&sid=3488177171&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=5258541072280280995&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Da336b4df9f%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Da336b4df9f%26idzone%3D0%26sid%3D1886&icons=GBpf3eHK0seB18OBxIJnrephFHTtPnh2y6Vr9roXJzC3FQxcf2s_1c685qRPpu-jxoVSdq2zTaNTeh3YL0OCRWGrhCMLFiFE_Ga42n9S10xe6FtIb4I85A2ma_pmMp_6cwsLE5X7zGperZn5lczgAMT1wuCpL__nCB4JMlZ3Mq0SqUYk6A&ext_cid=0&px_id=529500&min_cpm=0.09202212291281912&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=8409852034297138076&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.016677500219437567&cpm=0&verify_hash=a569d09d264c72e1684f5a923d0664b0&is_native=4&real_bid=0.0005014186267559986&original_bid_usd=0.0027666979999999997&original_bid=0.0027666979999999997&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=stage-skins-settings,test_skins&show_count=2&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027666979999999997&hostname=auc-inpage-hz-7-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000002766698&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=a82e0318-e8d3-4f19-aabb-43b57fc5862c&prev_step_diff=858 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectf336d0935e.com FingerprintFC:39:EE:08:B2:B5:A2:11:69:1D:03:8B:B3:C4:CA:05:DB:3E:B1:82 ValidityFri, 03 May 2024 14:01:54 GMT - Thu, 01 Aug 2024 14:01:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /in/show/?tag_ab=b&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Da336b4df9f&refdom=www.amdahost.com&auction_time=1715119137&subid=1511354673&sid=3488177171&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=5258541072280280995&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Da336b4df9f%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Da336b4df9f%26idzone%3D0%26sid%3D1886&icons=GBpf3eHK0seB18OBxIJnrephFHTtPnh2y6Vr9roXJzC3FQxcf2s_1c685qRPpu-jxoVSdq2zTaNTeh3YL0OCRWGrhCMLFiFE_Ga42n9S10xe6FtIb4I85A2ma_pmMp_6cwsLE5X7zGperZn5lczgAMT1wuCpL__nCB4JMlZ3Mq0SqUYk6A&ext_cid=0&px_id=529500&min_cpm=0.09202212291281912&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=8409852034297138076&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.016677500219437567&cpm=0&verify_hash=a569d09d264c72e1684f5a923d0664b0&is_native=4&real_bid=0.0005014186267559986&original_bid_usd=0.0027666979999999997&original_bid=0.0027666979999999997&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=stage-skins-settings,test_skins&show_count=2&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027666979999999997&hostname=auc-inpage-hz-7-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000002766698&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=a82e0318-e8d3-4f19-aabb-43b57fc5862c&prev_step_diff=858 HTTP/1.1
Host: 63cc093d48.f336d0935e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 21:58:58 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 63cc093d48.f336d0935e.com/in/show/?tag_ab=b&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Da336b4df9f&refdom=www.amdahost.com&auction_time=1715119137&subid=1511354673&sid=3488177171&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=5258541072280280995&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Da336b4df9f%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=5fcbc33c86bbc49c561fd8fb36a2149b&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DP3Ta_6qFz-dYDwg_cHkdZSYDUW6GiaPpGpuAD3f9lXn5rP_6W3MCAUm06WD6Xjl5WSXhk8bOhLTVIaO-FGJ1u0kSNDz81860DeEdBttTEQhxWnG6jmvX1F57BY2OwM82-9_7hAWrK-4Q83AtgR7aXeMGkQjTMx1RbOxAsC8f8K4nWl-SxJXyvSzm4Ai6pBtPVej72-8tvSToRwHPtqvrDG-CrMp1nnfPO19m2kCZ1Gwnn3vohaVbQ-jFDBuTbf1NWKSVAds2L6rhculpJ7vo2ifYGw5McHTqO2QnqmlMXYCjXOgFqEE09jsX8kYRehS6CeA3EKyTmqwbmweViianAFZIAI-HXvHJVa2w6UXsJ2NxKvzyCrvFJm30JjqR7ucbnryVqS2XgoOFZXhLRA776dS9doMea0igoXxr9-y-4APwxMxrAt4T8we2zBxLpwzurCtaC9U2FExF_sE3zg7i5uNuRmsjoZWuO4V2Th69EoFwhhESSOoveNUGOHcCx8s_Ww5dRHZHg9hiP8nwTc7ylfn5zvOqElPbScEDUjqisvBvgePxGr5C_f5Bq0dfBmq6pKsf9Ig78fjb5KeyrO0a7jvgFm9lGpmJvdeGa8HeOnFIQg8I305F-zwl31hzTmkXcDBuq0QPCUDL-tpNrc-iC3iMnfKeZ9n0SejwtmIN7ZnL1s42dWR0ctHpt-5QZPG2Msdco_DdqWCbGU1AFxvKE_HOeDbtcIzgX1JlMfBuSgDbJXtSFD9WmnYUuYgLraxcGtkaPOt0lNarchc4-oY_8gyw-e6VYAJiWQ91BFPc3x7E80MFw5FEKWX9mtvQossn8j-yHPspz8XmFDsncRYVjYcGDkoNJS0n8lHqMVmh6ZEIJm5Tfs-Or4ypEl0LWqb3MbKeqs_7OB7nS_R-C4vKnVlr_TVxHehI4hrl7cbIO6UUFkhH2viuHMYKvLD-w3HQP8-upNnVkkHVgiC2iKtBCtP7RXQ1RJ2TIlRR_qPW_9fhkQbMWDT_Mi274ai8DXoRPdVxUWIL0noPp8NWmgkAmtAcx_Ad3FDFtwMY9UWZUA3QlnmDuj9ju4rYEY8dcxaKTHbEg0bmb4yoWWYr3PNb2xkyOnnsoIqeVZ6eE7-pTO4Dnhu0H0d1luUgAdSgxfCAn1hGQiG571qHVYcGpnPcMpyxurUGZn7wCqFaxKcvcVYJ5Pi7lVk5PibMwrKGAYVFAwlsXOZd1mDd_ytO1EH_9om_k2mAlMqB_ViyM6kPAbeEmiOpt4_sUDzxymbDjV3pL-3Sdjb9PJjXErIxkKPXqRWqiD5LiZNkbiE-DqwwacxICpcpWg%26bid%3D0.023564826271630288&icons=41U-zZUC4fx5Bw61EVYQfe90ABmgbxRLAfhgFAcuBJNky4HC6wH0bUwwY74Rpx0mkNO8YsPCAsv8vdpB7DMt_mtsdMlavDlahTEzSCsfmnYUPw5RzLI44CKt1G8_tH1Wfxh2ir-9wC1GigDmcGcWwLqjO93WrpjgJp4OGf7l9pWEM39TpaHYgByXFVoAGCSSPnXUBBesuIusg9AW0qxenry-chiPo4df6cuiZfFlkCdcR20zU7hOppqvjjy5GJCVMTQuUm5ZEQSDg036DemX84CzFINEGlMT3jmZpKImXdfAMbAL6AhKJ1UxuVyfSHfua24OkXD8DIcdyIb1WPWIXge3zzh2dIJv7wwh6CGMzkeGp6hXSG2ZhJ4vv-aGeUAgbXELt-f4RB99t4i1NwSAemClY6Lu2_UjPWkxNlOXYdACAmxq0DWq52cSVwcHQ6Lahy0u5wxljpK5c7vz9jPjTC62ZbaEZ9XzhYbeH-xwvxrIK7_aGbZemhdjelQSem_kdINJUt6g_qDAOn9D944kGpLxNXylcRvs-FGIYLzEattelvw6aJxM0ydVE_WfQbr_A9KZd-J6saARl1tDbDQOu36KTiWwExXwrXevrHd4_4SfRpbM5kylYU2mdXGEnO1YCmnPs__0ME_vMt_VhSAKJEadls8KIJa8ka7KiRYXHdFAJfFkr_nvV2XDCn0TILNgeiKNxHIWc2F89NLTZqkgA_PbZWOOoRMnWCDnMIWNEVppZ5s5X30wyspVMAAEuSdCOIUdj-DXezs7tuCQcGe7TfD3jPc1lzKlWTNd7q3yHFJ3ZnWzpzip9UTBa52Ohryin0cg47IlqQmoyhiiDGB-WdkCffXDJ_BxJMmx_Pt5XEBkTTWbEx20bE7xmPpQ6IdbNYN8t7EhElIbeG2Z9jv_oyVJWtbFLM1m3eIqGDXmk6VmaHc3Ysfoz7Kghf3zifwqVtA7lTQGdWVwPp8HjR6CivqCjbq9GXDQctIiggjH_tYsPd19dtCHqy3eZNqtaTU_v0kQ_B1JmHZ2UNICt2ya7d2_EgbbXSpDGjG20j_7yLR43UKJSHLtmPkepClC-EybnjMNF7AM9qrYGqZlmqprrCj60zOC56sHPaMjHpIlsmScqQpVYzSo1j6tzZut4Mjor_Zb3IOU2DUMuNnaXqs9wl7E3AID8twmmR3l8pYHOWNfeaoYaAErAgZi3VCZDAA57xS96PhN-NiUFRBL1HxV0iVondry58QEL6xNKjjQGhGD_MRegfruB3qgEzoknKO6iAeIdEYr4TwPdX72KIVK54aZCIsAvp7rK1zt0ZmGk9TVCFVLSRF6-VU&ext_cid=224906&px_id=73529500&min_cpm=0.0038056109265296764&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=8409852034297138076&skin_id=72&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.03176602058410654&cpm=0.023564826271630288&verify_hash=133ac98096dccc680ca7081cabcb5eb7&is_native=1&real_bid=0.02346585443277437&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,5,33,98,90&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=1715291937&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777184%2Fconversions%2FQ5MjCrOM-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-7-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.11&cpa=fbdfd51d-9143-4c9a-b05d-d3aca4105b1e&prev_step_diff=858 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/263cc093d48.f336d0935e.com/in/show/?tag_ab=b&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Da336b4df9f&refdom=www.amdahost.com&auction_time=1715119137&subid=1511354673&sid=3488177171&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=5258541072280280995&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Da336b4df9f%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=5fcbc33c86bbc49c561fd8fb36a2149b&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DP3Ta_6qFz-dYDwg_cHkdZSYDUW6GiaPpGpuAD3f9lXn5rP_6W3MCAUm06WD6Xjl5WSXhk8bOhLTVIaO-FGJ1u0kSNDz81860DeEdBttTEQhxWnG6jmvX1F57BY2OwM82-9_7hAWrK-4Q83AtgR7aXeMGkQjTMx1RbOxAsC8f8K4nWl-SxJXyvSzm4Ai6pBtPVej72-8tvSToRwHPtqvrDG-CrMp1nnfPO19m2kCZ1Gwnn3vohaVbQ-jFDBuTbf1NWKSVAds2L6rhculpJ7vo2ifYGw5McHTqO2QnqmlMXYCjXOgFqEE09jsX8kYRehS6CeA3EKyTmqwbmweViianAFZIAI-HXvHJVa2w6UXsJ2NxKvzyCrvFJm30JjqR7ucbnryVqS2XgoOFZXhLRA776dS9doMea0igoXxr9-y-4APwxMxrAt4T8we2zBxLpwzurCtaC9U2FExF_sE3zg7i5uNuRmsjoZWuO4V2Th69EoFwhhESSOoveNUGOHcCx8s_Ww5dRHZHg9hiP8nwTc7ylfn5zvOqElPbScEDUjqisvBvgePxGr5C_f5Bq0dfBmq6pKsf9Ig78fjb5KeyrO0a7jvgFm9lGpmJvdeGa8HeOnFIQg8I305F-zwl31hzTmkXcDBuq0QPCUDL-tpNrc-iC3iMnfKeZ9n0SejwtmIN7ZnL1s42dWR0ctHpt-5QZPG2Msdco_DdqWCbGU1AFxvKE_HOeDbtcIzgX1JlMfBuSgDbJXtSFD9WmnYUuYgLraxcGtkaPOt0lNarchc4-oY_8gyw-e6VYAJiWQ91BFPc3x7E80MFw5FEKWX9mtvQossn8j-yHPspz8XmFDsncRYVjYcGDkoNJS0n8lHqMVmh6ZEIJm5Tfs-Or4ypEl0LWqb3MbKeqs_7OB7nS_R-C4vKnVlr_TVxHehI4hrl7cbIO6UUFkhH2viuHMYKvLD-w3HQP8-upNnVkkHVgiC2iKtBCtP7RXQ1RJ2TIlRR_qPW_9fhkQbMWDT_Mi274ai8DXoRPdVxUWIL0noPp8NWmgkAmtAcx_Ad3FDFtwMY9UWZUA3QlnmDuj9ju4rYEY8dcxaKTHbEg0bmb4yoWWYr3PNb2xkyOnnsoIqeVZ6eE7-pTO4Dnhu0H0d1luUgAdSgxfCAn1hGQiG571qHVYcGpnPcMpyxurUGZn7wCqFaxKcvcVYJ5Pi7lVk5PibMwrKGAYVFAwlsXOZd1mDd_ytO1EH_9om_k2mAlMqB_ViyM6kPAbeEmiOpt4_sUDzxymbDjV3pL-3Sdjb9PJjXErIxkKPXqRWqiD5LiZNkbiE-DqwwacxICpcpWg%26bid%3D0.023564826271630288&icons=41U-zZUC4fx5Bw61EVYQfe90ABmgbxRLAfhgFAcuBJNky4HC6wH0bUwwY74Rpx0mkNO8YsPCAsv8vdpB7DMt_mtsdMlavDlahTEzSCsfmnYUPw5RzLI44CKt1G8_tH1Wfxh2ir-9wC1GigDmcGcWwLqjO93WrpjgJp4OGf7l9pWEM39TpaHYgByXFVoAGCSSPnXUBBesuIusg9AW0qxenry-chiPo4df6cuiZfFlkCdcR20zU7hOppqvjjy5GJCVMTQuUm5ZEQSDg036DemX84CzFINEGlMT3jmZpKImXdfAMbAL6AhKJ1UxuVyfSHfua24OkXD8DIcdyIb1WPWIXge3zzh2dIJv7wwh6CGMzkeGp6hXSG2ZhJ4vv-aGeUAgbXELt-f4RB99t4i1NwSAemClY6Lu2_UjPWkxNlOXYdACAmxq0DWq52cSVwcHQ6Lahy0u5wxljpK5c7vz9jPjTC62ZbaEZ9XzhYbeH-xwvxrIK7_aGbZemhdjelQSem_kdINJUt6g_qDAOn9D944kGpLxNXylcRvs-FGIYLzEattelvw6aJxM0ydVE_WfQbr_A9KZd-J6saARl1tDbDQOu36KTiWwExXwrXevrHd4_4SfRpbM5kylYU2mdXGEnO1YCmnPs__0ME_vMt_VhSAKJEadls8KIJa8ka7KiRYXHdFAJfFkr_nvV2XDCn0TILNgeiKNxHIWc2F89NLTZqkgA_PbZWOOoRMnWCDnMIWNEVppZ5s5X30wyspVMAAEuSdCOIUdj-DXezs7tuCQcGe7TfD3jPc1lzKlWTNd7q3yHFJ3ZnWzpzip9UTBa52Ohryin0cg47IlqQmoyhiiDGB-WdkCffXDJ_BxJMmx_Pt5XEBkTTWbEx20bE7xmPpQ6IdbNYN8t7EhElIbeG2Z9jv_oyVJWtbFLM1m3eIqGDXmk6VmaHc3Ysfoz7Kghf3zifwqVtA7lTQGdWVwPp8HjR6CivqCjbq9GXDQctIiggjH_tYsPd19dtCHqy3eZNqtaTU_v0kQ_B1JmHZ2UNICt2ya7d2_EgbbXSpDGjG20j_7yLR43UKJSHLtmPkepClC-EybnjMNF7AM9qrYGqZlmqprrCj60zOC56sHPaMjHpIlsmScqQpVYzSo1j6tzZut4Mjor_Zb3IOU2DUMuNnaXqs9wl7E3AID8twmmR3l8pYHOWNfeaoYaAErAgZi3VCZDAA57xS96PhN-NiUFRBL1HxV0iVondry58QEL6xNKjjQGhGD_MRegfruB3qgEzoknKO6iAeIdEYr4TwPdX72KIVK54aZCIsAvp7rK1zt0ZmGk9TVCFVLSRF6-VU&ext_cid=224906&px_id=73529500&min_cpm=0.0038056109265296764&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=8409852034297138076&skin_id=72&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.03176602058410654&cpm=0.023564826271630288&verify_hash=133ac98096dccc680ca7081cabcb5eb7&is_native=1&real_bid=0.02346585443277437&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,5,33,98,90&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=1715291937&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777184%2Fconversions%2FQ5MjCrOM-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-7-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.11&cpa=fbdfd51d-9143-4c9a-b05d-d3aca4105b1e&prev_step_diff=858 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectf336d0935e.com FingerprintFC:39:EE:08:B2:B5:A2:11:69:1D:03:8B:B3:C4:CA:05:DB:3E:B1:82 ValidityFri, 03 May 2024 14:01:54 GMT - Thu, 01 Aug 2024 14:01:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /in/show/?tag_ab=b&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Da336b4df9f&refdom=www.amdahost.com&auction_time=1715119137&subid=1511354673&sid=3488177171&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=5258541072280280995&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Da336b4df9f%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=5fcbc33c86bbc49c561fd8fb36a2149b&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DP3Ta_6qFz-dYDwg_cHkdZSYDUW6GiaPpGpuAD3f9lXn5rP_6W3MCAUm06WD6Xjl5WSXhk8bOhLTVIaO-FGJ1u0kSNDz81860DeEdBttTEQhxWnG6jmvX1F57BY2OwM82-9_7hAWrK-4Q83AtgR7aXeMGkQjTMx1RbOxAsC8f8K4nWl-SxJXyvSzm4Ai6pBtPVej72-8tvSToRwHPtqvrDG-CrMp1nnfPO19m2kCZ1Gwnn3vohaVbQ-jFDBuTbf1NWKSVAds2L6rhculpJ7vo2ifYGw5McHTqO2QnqmlMXYCjXOgFqEE09jsX8kYRehS6CeA3EKyTmqwbmweViianAFZIAI-HXvHJVa2w6UXsJ2NxKvzyCrvFJm30JjqR7ucbnryVqS2XgoOFZXhLRA776dS9doMea0igoXxr9-y-4APwxMxrAt4T8we2zBxLpwzurCtaC9U2FExF_sE3zg7i5uNuRmsjoZWuO4V2Th69EoFwhhESSOoveNUGOHcCx8s_Ww5dRHZHg9hiP8nwTc7ylfn5zvOqElPbScEDUjqisvBvgePxGr5C_f5Bq0dfBmq6pKsf9Ig78fjb5KeyrO0a7jvgFm9lGpmJvdeGa8HeOnFIQg8I305F-zwl31hzTmkXcDBuq0QPCUDL-tpNrc-iC3iMnfKeZ9n0SejwtmIN7ZnL1s42dWR0ctHpt-5QZPG2Msdco_DdqWCbGU1AFxvKE_HOeDbtcIzgX1JlMfBuSgDbJXtSFD9WmnYUuYgLraxcGtkaPOt0lNarchc4-oY_8gyw-e6VYAJiWQ91BFPc3x7E80MFw5FEKWX9mtvQossn8j-yHPspz8XmFDsncRYVjYcGDkoNJS0n8lHqMVmh6ZEIJm5Tfs-Or4ypEl0LWqb3MbKeqs_7OB7nS_R-C4vKnVlr_TVxHehI4hrl7cbIO6UUFkhH2viuHMYKvLD-w3HQP8-upNnVkkHVgiC2iKtBCtP7RXQ1RJ2TIlRR_qPW_9fhkQbMWDT_Mi274ai8DXoRPdVxUWIL0noPp8NWmgkAmtAcx_Ad3FDFtwMY9UWZUA3QlnmDuj9ju4rYEY8dcxaKTHbEg0bmb4yoWWYr3PNb2xkyOnnsoIqeVZ6eE7-pTO4Dnhu0H0d1luUgAdSgxfCAn1hGQiG571qHVYcGpnPcMpyxurUGZn7wCqFaxKcvcVYJ5Pi7lVk5PibMwrKGAYVFAwlsXOZd1mDd_ytO1EH_9om_k2mAlMqB_ViyM6kPAbeEmiOpt4_sUDzxymbDjV3pL-3Sdjb9PJjXErIxkKPXqRWqiD5LiZNkbiE-DqwwacxICpcpWg%26bid%3D0.023564826271630288&icons=41U-zZUC4fx5Bw61EVYQfe90ABmgbxRLAfhgFAcuBJNky4HC6wH0bUwwY74Rpx0mkNO8YsPCAsv8vdpB7DMt_mtsdMlavDlahTEzSCsfmnYUPw5RzLI44CKt1G8_tH1Wfxh2ir-9wC1GigDmcGcWwLqjO93WrpjgJp4OGf7l9pWEM39TpaHYgByXFVoAGCSSPnXUBBesuIusg9AW0qxenry-chiPo4df6cuiZfFlkCdcR20zU7hOppqvjjy5GJCVMTQuUm5ZEQSDg036DemX84CzFINEGlMT3jmZpKImXdfAMbAL6AhKJ1UxuVyfSHfua24OkXD8DIcdyIb1WPWIXge3zzh2dIJv7wwh6CGMzkeGp6hXSG2ZhJ4vv-aGeUAgbXELt-f4RB99t4i1NwSAemClY6Lu2_UjPWkxNlOXYdACAmxq0DWq52cSVwcHQ6Lahy0u5wxljpK5c7vz9jPjTC62ZbaEZ9XzhYbeH-xwvxrIK7_aGbZemhdjelQSem_kdINJUt6g_qDAOn9D944kGpLxNXylcRvs-FGIYLzEattelvw6aJxM0ydVE_WfQbr_A9KZd-J6saARl1tDbDQOu36KTiWwExXwrXevrHd4_4SfRpbM5kylYU2mdXGEnO1YCmnPs__0ME_vMt_VhSAKJEadls8KIJa8ka7KiRYXHdFAJfFkr_nvV2XDCn0TILNgeiKNxHIWc2F89NLTZqkgA_PbZWOOoRMnWCDnMIWNEVppZ5s5X30wyspVMAAEuSdCOIUdj-DXezs7tuCQcGe7TfD3jPc1lzKlWTNd7q3yHFJ3ZnWzpzip9UTBa52Ohryin0cg47IlqQmoyhiiDGB-WdkCffXDJ_BxJMmx_Pt5XEBkTTWbEx20bE7xmPpQ6IdbNYN8t7EhElIbeG2Z9jv_oyVJWtbFLM1m3eIqGDXmk6VmaHc3Ysfoz7Kghf3zifwqVtA7lTQGdWVwPp8HjR6CivqCjbq9GXDQctIiggjH_tYsPd19dtCHqy3eZNqtaTU_v0kQ_B1JmHZ2UNICt2ya7d2_EgbbXSpDGjG20j_7yLR43UKJSHLtmPkepClC-EybnjMNF7AM9qrYGqZlmqprrCj60zOC56sHPaMjHpIlsmScqQpVYzSo1j6tzZut4Mjor_Zb3IOU2DUMuNnaXqs9wl7E3AID8twmmR3l8pYHOWNfeaoYaAErAgZi3VCZDAA57xS96PhN-NiUFRBL1HxV0iVondry58QEL6xNKjjQGhGD_MRegfruB3qgEzoknKO6iAeIdEYr4TwPdX72KIVK54aZCIsAvp7rK1zt0ZmGk9TVCFVLSRF6-VU&ext_cid=224906&px_id=73529500&min_cpm=0.0038056109265296764&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=8409852034297138076&skin_id=72&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.03176602058410654&cpm=0.023564826271630288&verify_hash=133ac98096dccc680ca7081cabcb5eb7&is_native=1&real_bid=0.02346585443277437&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,5,33,98,90&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=1715291937&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777184%2Fconversions%2FQ5MjCrOM-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-7-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.11&cpa=fbdfd51d-9143-4c9a-b05d-d3aca4105b1e&prev_step_diff=858 HTTP/1.1
Host: 63cc093d48.f336d0935e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 21:58:58 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| imdn.pics/m/p/0/777/777184/conversions/Q5MjCrOM-minify.jpg | 45.133.44.25 | 200 OK | 11 kB |
URL GET HTTP/2imdn.pics/m/p/0/777/777184/conversions/Q5MjCrOM-minify.jpg IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectimdn.pics Fingerprint1B:F0:2A:16:F2:A2:CB:23:EA:4E:5D:DE:96:E2:AF:CC:A0:41:03:E5 ValidityTue, 12 Mar 2024 03:00:56 GMT - Mon, 10 Jun 2024 03:00:55 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 360x240, components 3 Hash7a0f4319e0c7d4e0ec42eae657ba39fd e2940c23868c5975a1dc1a3c963609b34abbe6b5 6c0278ead1dce8c37b6b233d5251184cd820586eeb5d30db860c1c7315d5dba0
GET /m/p/0/777/777184/conversions/Q5MjCrOM-minify.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:58 GMT
content-type: image/jpeg
content-length: 11228
server: nginx
last-modified: Tue, 09 Apr 2024 19:56:57 GMT
etag: "66159d89-2bdc"
x-request-id: 13aea49745d30295dcee0faf2bf8a0c1
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| p.a64x.com/in/tip_shows/?katds_ep=3Rm5ifoUkX93QypeJjjt7H2KIo6Ab84tSTcRlxS8L5ZIMLjaWDGTWTg6z_cVlAd7ga_XvxJV5tva1_--Km3Gm1iiXQc0E_pc7J7gdB5IWcvxl5EvEgiTydvRyUT5cjho94TrAhbaTaQQbqJS0vyWB5O52HbWweHXAOHJsVo6OH9IKSMUZ9kWsKL3-_etdSMBGuyUFUhROgPpy3dJxLDsZhRQFZT0oSftFTTEAiQj6NwisOr82Tw8IQBHrVcwjWLxnR8o4su9V1KBEmWZe8HwC6G6QvhRFwGQ1p0kclNC6vRs8SuW6e6vfkNGml9tVLQx3ZVIkL8qhrywI3apS3LNTFizu8S0cwA1Il-Fl6FMqwndoRCqfaT3_Nk2qZaG-GyI1HgxkanlTbxVKKauh3G80DEArg5d6-AzsfOFYC0oBYdbTRXRotOwOc9YIu4QzK2ip155OS43k_3aibj4BR7uLw-hw_CNRvbI0lRr-qyMtcM4Bcrt507ImT2tTqvD9mp9P4KQdOq9zT5f0OeIm5ZF6xM-wFA2dp9DvZUEJ_CR3Vz13lMIKhoyKIYcncNUTA_fBTEbjs-y4tTg19zdR9_Fvn3gmfneszDFqhEb6kNhcVIjJarAPVHw95r-8fxDtcj81aH9rNC9wWkwPl8mw6IhATFHUhD6EKyoY8chn15C-bfd-kZxL8ryRnacDNx-hqsZ7ALaNTubOAI3b6vQvCF8Ii9OE-KMNtKMSnZpBE9b-QCDxQinLWATe72Npg-cfvhbgYaPOKZPhbmrgB_onPfm0cjcrjSypMZNyagNtySmTu7DK9z6U8poBGTAXp1Mcz_JTvM4zFzdVJ4U1KF_I41qU1gcc1dUZfNWUv3Qq8QRCo-D8K1dpXKThFIL1f8o5A&bid=0.023564826271630288&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.11&cpa=73f615f7-7045-4cd9-9c95-bf3131e9a156&prev_step_diff=858 | 172.67.185.171 | 302 Found | 0 B |
URL GET HTTP/3p.a64x.com/in/tip_shows/?katds_ep=3Rm5ifoUkX93QypeJjjt7H2KIo6Ab84tSTcRlxS8L5ZIMLjaWDGTWTg6z_cVlAd7ga_XvxJV5tva1_--Km3Gm1iiXQc0E_pc7J7gdB5IWcvxl5EvEgiTydvRyUT5cjho94TrAhbaTaQQbqJS0vyWB5O52HbWweHXAOHJsVo6OH9IKSMUZ9kWsKL3-_etdSMBGuyUFUhROgPpy3dJxLDsZhRQFZT0oSftFTTEAiQj6NwisOr82Tw8IQBHrVcwjWLxnR8o4su9V1KBEmWZe8HwC6G6QvhRFwGQ1p0kclNC6vRs8SuW6e6vfkNGml9tVLQx3ZVIkL8qhrywI3apS3LNTFizu8S0cwA1Il-Fl6FMqwndoRCqfaT3_Nk2qZaG-GyI1HgxkanlTbxVKKauh3G80DEArg5d6-AzsfOFYC0oBYdbTRXRotOwOc9YIu4QzK2ip155OS43k_3aibj4BR7uLw-hw_CNRvbI0lRr-qyMtcM4Bcrt507ImT2tTqvD9mp9P4KQdOq9zT5f0OeIm5ZF6xM-wFA2dp9DvZUEJ_CR3Vz13lMIKhoyKIYcncNUTA_fBTEbjs-y4tTg19zdR9_Fvn3gmfneszDFqhEb6kNhcVIjJarAPVHw95r-8fxDtcj81aH9rNC9wWkwPl8mw6IhATFHUhD6EKyoY8chn15C-bfd-kZxL8ryRnacDNx-hqsZ7ALaNTubOAI3b6vQvCF8Ii9OE-KMNtKMSnZpBE9b-QCDxQinLWATe72Npg-cfvhbgYaPOKZPhbmrgB_onPfm0cjcrjSypMZNyagNtySmTu7DK9z6U8poBGTAXp1Mcz_JTvM4zFzdVJ4U1KF_I41qU1gcc1dUZfNWUv3Qq8QRCo-D8K1dpXKThFIL1f8o5A&bid=0.023564826271630288&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.11&cpa=73f615f7-7045-4cd9-9c95-bf3131e9a156&prev_step_diff=858 IP172.67.185.171:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjecta64x.com Fingerprint86:FD:2B:DD:CC:BD:8D:ED:C0:8D:41:81:C1:48:2D:45:D6:4F:67:88 ValidityTue, 19 Mar 2024 14:58:28 GMT - Mon, 17 Jun 2024 14:58:27 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/tip_shows/?katds_ep=3Rm5ifoUkX93QypeJjjt7H2KIo6Ab84tSTcRlxS8L5ZIMLjaWDGTWTg6z_cVlAd7ga_XvxJV5tva1_--Km3Gm1iiXQc0E_pc7J7gdB5IWcvxl5EvEgiTydvRyUT5cjho94TrAhbaTaQQbqJS0vyWB5O52HbWweHXAOHJsVo6OH9IKSMUZ9kWsKL3-_etdSMBGuyUFUhROgPpy3dJxLDsZhRQFZT0oSftFTTEAiQj6NwisOr82Tw8IQBHrVcwjWLxnR8o4su9V1KBEmWZe8HwC6G6QvhRFwGQ1p0kclNC6vRs8SuW6e6vfkNGml9tVLQx3ZVIkL8qhrywI3apS3LNTFizu8S0cwA1Il-Fl6FMqwndoRCqfaT3_Nk2qZaG-GyI1HgxkanlTbxVKKauh3G80DEArg5d6-AzsfOFYC0oBYdbTRXRotOwOc9YIu4QzK2ip155OS43k_3aibj4BR7uLw-hw_CNRvbI0lRr-qyMtcM4Bcrt507ImT2tTqvD9mp9P4KQdOq9zT5f0OeIm5ZF6xM-wFA2dp9DvZUEJ_CR3Vz13lMIKhoyKIYcncNUTA_fBTEbjs-y4tTg19zdR9_Fvn3gmfneszDFqhEb6kNhcVIjJarAPVHw95r-8fxDtcj81aH9rNC9wWkwPl8mw6IhATFHUhD6EKyoY8chn15C-bfd-kZxL8ryRnacDNx-hqsZ7ALaNTubOAI3b6vQvCF8Ii9OE-KMNtKMSnZpBE9b-QCDxQinLWATe72Npg-cfvhbgYaPOKZPhbmrgB_onPfm0cjcrjSypMZNyagNtySmTu7DK9z6U8poBGTAXp1Mcz_JTvM4zFzdVJ4U1KF_I41qU1gcc1dUZfNWUv3Qq8QRCo-D8K1dpXKThFIL1f8o5A&bid=0.023564826271630288&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.11&cpa=73f615f7-7045-4cd9-9c95-bf3131e9a156&prev_step_diff=858 HTTP/1.1
Host: p.a64x.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Tue, 07 May 2024 21:58:58 GMT
content-type: application/json
content-length: 0
location: https://imdn.pics/m/p/0/777/777181/conversions/PguV688J-minify.jpg
access-control-allow-credentials: true
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k04OpZ1qHx5%2FpOqLSw8NMwPp1N%2FJdfaTYFqUWBlNvz1bWGm0eshZ92aq9quPhkAB9ZPCVR0fwfuI9UlpaZf2Rks%2F6uKJJfFkG3xGnuOv4uZsTFsprG%2BcZ0AsPB1k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880479752eb756bb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| imdn.pics/m/p/0/777/777181/conversions/PguV688J-minify.jpg | 45.133.44.25 | 200 OK | 2.5 kB |
URL GET HTTP/2imdn.pics/m/p/0/777/777181/conversions/PguV688J-minify.jpg IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectimdn.pics Fingerprint1B:F0:2A:16:F2:A2:CB:23:EA:4E:5D:DE:96:E2:AF:CC:A0:41:03:E5 ValidityTue, 12 Mar 2024 03:00:56 GMT - Mon, 10 Jun 2024 03:00:55 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 100x100, components 3 Hash9eb726ecf5e85e3b48f854490ff8284a d08b4f022e64d06f2642c5c9217d35b7851516d5 30bd73405bb72856107c9e940bece489b670970c3d2e4d6b592cc138a67a3c05
GET /m/p/0/777/777181/conversions/PguV688J-minify.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:58 GMT
content-type: image/jpeg
content-length: 2460
server: nginx
last-modified: Tue, 09 Apr 2024 19:56:49 GMT
etag: "66159d81-99c"
x-request-id: 064bc710493213dae1825c3b2f5e7289
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| pyknrhm5c.com/chicken.gif?z=2025683&pb=13d346c8805ab092457543f62541c3ca1715126331&psp=lXA1HbkHPd-HqVibGpm8n5-5dpUMiBZWuqQNiGO6usy3WQLG0-ZGPMvBnZUkbN5hqoWroPBzRWgrhkOl-DbH0HFZKkIKJwE1TBsqSkxYfal_mf3mi37NctsQ-q30Qt3vEYwmRVIMeBedu6dZ_htzlrJGznz9JQ02pC1IwgTROlq-AYHCGjiLSpoUH8ycj9OieHNKoOwzLBgWUT_dcMp74di_OZcb1NzAeeoIaZ9yEHcXK-Om-ecJYTYprgarCHSj5tZmeqluv4otDGu3Mig7kcZcP5X_sLey1wlIA4IT12oPRiFTVQbtmI77KZyFdIYGrEjbe0vfk9OUHcomIoZvVFDZGUABXSbaq2BIp1UOc666LI5ZrMkvPgSwxRmZIIh_R5OLLVaLg4kfVDAklEv7z0UXtO5E4XipGd236qCYsmXwtIahdkid7-pmwTMieiwKvp-gmunwQTWezKsPYn_tbQJYP6V9_qNhj4h4FgGhKjXR_fjtd2ZGg89jnMSMvKpEIMZgSELxxTvWKQIWG9LttWRB-NamMtDxfjSKFe4CfYGd3gk3VEcaByPXU8VqadOOmor-ZijzBy0yDFB5du25WS6_bHYSt4Za7CWNLwWCin5HgITAbQzhNDawGVMCvxx1Qmh0CWrGnLf2ojs0RgsNpey8Ko3CEmE49ohltNbLfULJYou8PGGj-hgEF80-JiI=&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8275176372025344&eclog=0&im=1&_=0.7086626940136992 | 212.117.190.201 | 200 OK | 43 B |
URL GET HTTP/2pyknrhm5c.com/chicken.gif?z=2025683&pb=13d346c8805ab092457543f62541c3ca1715126331&psp=lXA1HbkHPd-HqVibGpm8n5-5dpUMiBZWuqQNiGO6usy3WQLG0-ZGPMvBnZUkbN5hqoWroPBzRWgrhkOl-DbH0HFZKkIKJwE1TBsqSkxYfal_mf3mi37NctsQ-q30Qt3vEYwmRVIMeBedu6dZ_htzlrJGznz9JQ02pC1IwgTROlq-AYHCGjiLSpoUH8ycj9OieHNKoOwzLBgWUT_dcMp74di_OZcb1NzAeeoIaZ9yEHcXK-Om-ecJYTYprgarCHSj5tZmeqluv4otDGu3Mig7kcZcP5X_sLey1wlIA4IT12oPRiFTVQbtmI77KZyFdIYGrEjbe0vfk9OUHcomIoZvVFDZGUABXSbaq2BIp1UOc666LI5ZrMkvPgSwxRmZIIh_R5OLLVaLg4kfVDAklEv7z0UXtO5E4XipGd236qCYsmXwtIahdkid7-pmwTMieiwKvp-gmunwQTWezKsPYn_tbQJYP6V9_qNhj4h4FgGhKjXR_fjtd2ZGg89jnMSMvKpEIMZgSELxxTvWKQIWG9LttWRB-NamMtDxfjSKFe4CfYGd3gk3VEcaByPXU8VqadOOmor-ZijzBy0yDFB5du25WS6_bHYSt4Za7CWNLwWCin5HgITAbQzhNDawGVMCvxx1Qmh0CWrGnLf2ojs0RgsNpey8Ko3CEmE49ohltNbLfULJYou8PGGj-hgEF80-JiI=&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8275176372025344&eclog=0&im=1&_=0.7086626940136992 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerBuypass AS-983163327 Subject Fingerprint8C:0B:00:37:E9:46:0D:D7:64:26:AF:BD:4B:AC:9D:E3:CA:27:CD:87 ValidityFri, 03 May 2024 21:32:33 GMT - Tue, 29 Oct 2024 22:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=2025683&pb=13d346c8805ab092457543f62541c3ca1715126331&psp=lXA1HbkHPd-HqVibGpm8n5-5dpUMiBZWuqQNiGO6usy3WQLG0-ZGPMvBnZUkbN5hqoWroPBzRWgrhkOl-DbH0HFZKkIKJwE1TBsqSkxYfal_mf3mi37NctsQ-q30Qt3vEYwmRVIMeBedu6dZ_htzlrJGznz9JQ02pC1IwgTROlq-AYHCGjiLSpoUH8ycj9OieHNKoOwzLBgWUT_dcMp74di_OZcb1NzAeeoIaZ9yEHcXK-Om-ecJYTYprgarCHSj5tZmeqluv4otDGu3Mig7kcZcP5X_sLey1wlIA4IT12oPRiFTVQbtmI77KZyFdIYGrEjbe0vfk9OUHcomIoZvVFDZGUABXSbaq2BIp1UOc666LI5ZrMkvPgSwxRmZIIh_R5OLLVaLg4kfVDAklEv7z0UXtO5E4XipGd236qCYsmXwtIahdkid7-pmwTMieiwKvp-gmunwQTWezKsPYn_tbQJYP6V9_qNhj4h4FgGhKjXR_fjtd2ZGg89jnMSMvKpEIMZgSELxxTvWKQIWG9LttWRB-NamMtDxfjSKFe4CfYGd3gk3VEcaByPXU8VqadOOmor-ZijzBy0yDFB5du25WS6_bHYSt4Za7CWNLwWCin5HgITAbQzhNDawGVMCvxx1Qmh0CWrGnLf2ojs0RgsNpey8Ko3CEmE49ohltNbLfULJYou8PGGj-hgEF80-JiI=&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8275176372025344&eclog=0&im=1&_=0.7086626940136992 HTTP/1.1
Host: pyknrhm5c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: UID=24050716583fb8745cc7d746efa700daa7d6; CHCK=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:58:59 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/rum? | 172.67.183.69 | 204 No Content | 0 B |
URL POST HTTP/3www.amdahost.com/cdn-cgi/rum? IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 492
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=a336b4df9f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 204 No Content
date: Tue, 07 May 2024 21:59:16 GMT
access-control-allow-origin: https://www.amdahost.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 880479e56ed4b52d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| www.amdahost.com/watch.php?id=a336b4df9f | 172.67.183.69 | 200 OK | 12 kB |
URL User Request GET HTTP/2www.amdahost.com/watch.php?id=a336b4df9f IP172.67.183.69:443
CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeHTML document, ASCII text, with very long lines (6442), with CRLF, LF line terminators Hashc774a969903d7cff080e7d33b41f493c cb39d4d44f6604ada09fb3fe0aaa54a54cf6941c 6e7c377c2cd450c471b034089691f764fbf5ccb58d8886f9d524d3265236c47f
GET /watch.php?id=a336b4df9f HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:49 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=23d96268c344b423e82ca3859fc6e816; path=/; domain=.amdahost.com
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3QweiH7PJpWlcS3Oq1hwaFLcOvQiZcWIW9LCp6Yy47B4oFUOEpU5Oef36IIv0cVQbn7WrLUJY%2BcCcrQOo68pr5BE2UDLrrnlWxuHJObveE0VXgc4EH8Q54KmaY3IOamQeEnE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88047940a862b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.fluidplayer.com/v3/current/fluidplayer.min.js | 185.76.9.24 | 200 OK | 233 kB |
URL GET HTTP/2cdn.fluidplayer.com/v3/current/fluidplayer.min.js IP185.76.9.24:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectfluidplayer.com Fingerprint46:64:4F:F1:3B:B5:54:D2:21:6F:9B:66:05:DF:D9:AC:7D:3C:8E:D0 ValidityMon, 06 May 2024 08:37:10 GMT - Sun, 04 Aug 2024 08:37:09 GMT
File typeJavaScript source, ASCII text, with very long lines (65463) Size233 kB (232616 bytes) Hash9829e8e730a9125e695789512d85177a e20a0d55ab1722ef3ad13741a2b8975413d43909 7c38ede4727de973827091514a83d24a039bda1d0d4cac219eb20571a2cc3698
GET /v3/current/fluidplayer.min.js HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:50 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:13 GMT
etag: W/"65fc34c1-38ca8"
expires: Fri, 22 Mar 2024 21:42:05 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3vgMAAAwBuUwKDAH3AAAAAAwBJRPCMQH3AAAAAA
x-77-nzt-ray: af58563076014f8d1aa43a6628c03a14
x-accel-expires: @1715204572
x-accel-date: 1715118172
x-77-cache: HIT
x-77-age: 958
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 958
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQyFePH76tY9IGeourP1ixa1EkBH5O_9F15jv_kCx8v-6LAWfc1yu6k4c98-MgccQBxKaebM | 74.125.131.84 | 302 Found | 0 B |
URL GET HTTP/3accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQyFePH76tY9IGeourP1ixa1EkBH5O_9F15jv_kCx8v-6LAWfc1yu6k4c98-MgccQBxKaebM IP74.125.131.84:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services Subject*.google.com Fingerprint9F:A1:53:E4:09:E1:ED:82:F8:E0:30:B6:39:FA:EC:03:B4:89:46:8A ValidityTue, 16 Apr 2024 03:19:40 GMT - Tue, 09 Jul 2024 03:19:39 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQyFePH76tY9IGeourP1ixa1EkBH5O_9F15jv_kCx8v-6LAWfc1yu6k4c98-MgccQBxKaebM HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:Y1S_lkFtpeLr_bOXxNxp06aZhvhIAA:lMx5KU1lCzo2dx8i;Path=/;Expires=Thu, 07-May-2026 21:58:53 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 21:58:53 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQw1ypfAPwp8Steyg1tuN4cK0evZtAT43UkiJP1uZ4-Bn1U4pjFF3X3pAJju3tE2cxtJKPNIrQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-250691530%3A1715119133364485&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-zFum64Dr5EDpt1DGv0ogQA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 425
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.amdahost.com/includes/update_visits.php | 172.67.183.69 | 200 OK | 0 B |
URL POST HTTP/3www.amdahost.com/includes/update_visits.php IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /includes/update_visits.php HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 50
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=a336b4df9f
Cookie: PHPSESSID=23d96268c344b423e82ca3859fc6e816; cf_clearance=TTIDFMGz1SyWV314.WvyzZfSEVvM0Va2UVfK.AJyRDE-1715119131-1.0.1.1-XvwRSqv6dRwRMWpDM.1YlsjRqHr2BIIr6vVa0aQTgY9AqlUtERg6JinYJeQAS7vWsHX5eV1YJxqvDUBOChpIqA; prefetchAd_7446033=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 21:59:06 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2FI6rMjGK3jAdb1mOD%2BrdOVwiyqatSmoziBJIDvh8O9vSp%2BWTkGdki669cXKtF9rK8OZ8%2BeVsmn4B%2Fvd4DllOj9EvT5G1NM65VNLNh4qtXVjQoq8BmE20rIk4KoFjgfSNqc1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880479aafb76b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glakaits.net/?rb=cXcSutwC6m_yldy0iWQqISv-lmwQYJVMfWUG7VrLe7gVqdzjhA6fPbJnEwqO2bmQavehj6uiaNTaHlIN9w6gadwQSrxLUfncB_nBd0ACQSGbkxoRW41L2razdKnem1afJ620bLPJN0zWrF60zZpBfbBVqFAYRe69yCBEV5uUWl3eie-DU1QpASrE_KU5HwCT_7dJt8q3JNAP97lE_ahwjn_dKcbfxKulTmYmz6cS1YnefeTL195-0rTuDQ8A_6DMdlVVbv4wHiEoTLjf&request_ab2=0&zoneid=7446033&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Da336b4df9f&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&bs=f3bd2e00-e1d6-449d-adfb-4f52eadc2654&wasm=1&userId=0080556fa6f641c4fcbb798cc9b6c36c&m=link | 139.45.197.242 | 200 OK | 2.3 kB |
URL GET HTTP/2glakaits.net/?rb=cXcSutwC6m_yldy0iWQqISv-lmwQYJVMfWUG7VrLe7gVqdzjhA6fPbJnEwqO2bmQavehj6uiaNTaHlIN9w6gadwQSrxLUfncB_nBd0ACQSGbkxoRW41L2razdKnem1afJ620bLPJN0zWrF60zZpBfbBVqFAYRe69yCBEV5uUWl3eie-DU1QpASrE_KU5HwCT_7dJt8q3JNAP97lE_ahwjn_dKcbfxKulTmYmz6cS1YnefeTL195-0rTuDQ8A_6DMdlVVbv4wHiEoTLjf&request_ab2=0&zoneid=7446033&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Da336b4df9f&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&bs=f3bd2e00-e1d6-449d-adfb-4f52eadc2654&wasm=1&userId=0080556fa6f641c4fcbb798cc9b6c36c&m=link IP139.45.197.242:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectglakaits.net Fingerprint1F:46:3E:C8:C5:6A:64:F5:29:66:0F:5C:6E:CD:48:77:10:EA:26:02 ValidityTue, 07 May 2024 18:52:12 GMT - Mon, 05 Aug 2024 18:52:11 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2360), with no line terminators Hashb4445652ed3a2eaa5acabd301c0dff43 f286d83fa3bcabc25ac77159e91c7254b7a7669a f619bb689d63727cd63a7c3bf5cc526df93af32385b4ff0b779013ca2b1bc486
GET /?rb=cXcSutwC6m_yldy0iWQqISv-lmwQYJVMfWUG7VrLe7gVqdzjhA6fPbJnEwqO2bmQavehj6uiaNTaHlIN9w6gadwQSrxLUfncB_nBd0ACQSGbkxoRW41L2razdKnem1afJ620bLPJN0zWrF60zZpBfbBVqFAYRe69yCBEV5uUWl3eie-DU1QpASrE_KU5HwCT_7dJt8q3JNAP97lE_ahwjn_dKcbfxKulTmYmz6cS1YnefeTL195-0rTuDQ8A_6DMdlVVbv4wHiEoTLjf&request_ab2=0&zoneid=7446033&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Da336b4df9f&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&bs=f3bd2e00-e1d6-449d-adfb-4f52eadc2654&wasm=1&userId=0080556fa6f641c4fcbb798cc9b6c36c&m=link HTTP/1.1
Host: glakaits.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:58:52 GMT
content-type: application/json
x-trace-id: 5e0cd018d50411edd65b3ea5f4013f9b
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.amdahost.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080556fa6f641c4fcbb798cc9b6c36c; expires=Wed, 07 May 2025 21:58:52 GMT; path=/; secure; SameSite=None
oaidts=1715119132; expires=Wed, 07 May 2025 21:58:52 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Tue, 14 May 2024 21:58:52 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 8d80fcb421.a700fb9c8d.com/dcd78e9358b6891f8d594bc7153a3bce/161855?version_name=b | 45.133.44.53 | 200 OK | 2.4 kB |
URL GET HTTP/28d80fcb421.a700fb9c8d.com/dcd78e9358b6891f8d594bc7153a3bce/161855?version_name=b IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subject8d80fcb421.a700fb9c8d.com Fingerprint42:A0:FF:40:15:C5:29:E2:8E:7E:8F:55:FE:A4:8A:15:E0:17:77:CF ValiditySat, 04 May 2024 02:20:27 GMT - Fri, 02 Aug 2024 02:20:26 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2744), with no line terminators Hash57ed9e8789c799ac1c0cb88a331fc507 9499433765f97a3c779b7bd8bb0c6d61001bbe70 23725421b5fecd31ac898b0c3b41b8d7dfef35d750da060be73c3d6350b3e5ca
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /dcd78e9358b6891f8d594bc7153a3bce/161855?version_name=b HTTP/1.1
Host: 8d80fcb421.a700fb9c8d.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:51 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
expires: Tue, 07 May 2024 22:03:51 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| storage.multstorage.com/log/count.html | 104.21.30.242 | 200 OK | 882 B |
URL GET HTTP/2storage.multstorage.com/log/count.html IP104.21.30.242:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjectmultstorage.com Fingerprint63:F0:24:29:21:22:E5:42:33:61:B5:20:05:1B:EF:36:81:F5:7B:0A ValiditySun, 17 Mar 2024 08:38:54 GMT - Sat, 15 Jun 2024 08:38:53 GMT
File typeHTML document, ASCII text, with very long lines (919), with no line terminators Hash053b1fe641da8057571d40ebaf1624ab 09b2648b7d08c84621298f0b939cea5170a65022 6606334874a3edb8295831f41d3684433e4553ffe0a72e58c90926e00f39c6a4
GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:52 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: 8b848d9744f1091a889c1c203238dd77
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f6%2B8svRkacQMeHzBrMh06MAPxxE3%2BonA7WD3%2BGpquuQ2jlhD3DWPTJ0Jy3MObZ0wwcQQS45ZS1UFf9IAVehGcwludyY89Ijp3k14E9vgV7Mda5f903d%2BdrTDIgd0X2jc3reBUR4LSeeyvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804794f181456b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| js.mbidinp.com/skins/nmain.m.js | 45.133.44.52 | 200 OK | 470 kB |
URL GET HTTP/2js.mbidinp.com/skins/nmain.m.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectjs.mbidinp.com FingerprintB8:EA:0B:88:14:F5:73:F1:FE:F1:D5:59:09:E6:70:08:F2:1C:4A:5C ValidityMon, 22 Apr 2024 03:00:30 GMT - Sun, 21 Jul 2024 03:00:29 GMT
Size470 kB (470121 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /skins/nmain.m.js HTTP/1.1
Host: js.mbidinp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:52 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 12:49:54 GMT
etag: W/"661e73f2-72c69"
content-encoding: gzip
expires: Tue, 07 May 2024 22:03:52 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans | 142.250.74.106 | 200 OK | 5.8 kB |
URL GET HTTP/3fonts.googleapis.com/css?family=Open+Sans IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (5866), with no line terminators Hash9a9a7fec0410c78b8c7601306b9fa182 7d736470060c2cbab18d2a59c043202c2d3dbaac 6a2126bd16491c04d2f664d8acb3a7ad24ec144e02bffd62db7254bee91567f0
GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 21:58:58 GMT
date: Tue, 07 May 2024 21:58:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css2?family=Bebas+Neue&display=swap | 142.250.74.106 | 200 OK | 799 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Bebas+Neue&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (817), with no line terminators Hashc493231efba2219e3348f16e938d7380 95b2c3d6221a58cbd7e96f2c05c40d03f53fb16c ff65de3252fffb1650fca0c23a1a87351bf5b2385dc11e35e19b94c3495e4cf0
GET /css2?family=Bebas+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 21:58:50 GMT
date: Tue, 07 May 2024 21:58:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/videos/1714450050_5f643473a4dce5fd.mp4 | 172.67.183.69 | 206 Partial Content | 117 kB |
URL GET HTTP/3www.amdahost.com/videos/1714450050_5f643473a4dce5fd.mp4 IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Size117 kB (117422 bytes) Hash9ea8e9b80012e02b5278eed4f3a73f10 df90a4515340f0d2bfbbc92b18e0f67ff16e0700 48fa75359998b4542b45c97b10cffbfa88091cd5ea3a38238d2451486c28ece7
GET /videos/1714450050_5f643473a4dce5fd.mp4 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=9404416-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=a336b4df9f
Cookie: PHPSESSID=23d96268c344b423e82ca3859fc6e816
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 206 Partial Content
date: Tue, 07 May 2024 21:58:52 GMT
content-type: video/mp4
content-length: 117422
etag: "914aae-66306e8b-8c165f;;;"
last-modified: Tue, 30 Apr 2024 04:07:39 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
content-range: bytes 9404416-9521837/9521838
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oz8He3fz20%2F0on0xh%2Fa54R0IECUzbi1Ke8kQ3TVOxid1cZ8nV3lYUCP5lp1cSkR%2B1zTl9rOn12WOxT4m%2FIrmhYZCzl0zn5mpHrm3hb6UcpGFTa2le9KFYxBvh59l2E4Bo2UN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804794d28fcb52d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| zovidree.com/tag.min.js | 172.67.166.14 | 200 OK | 90 kB |
IP172.67.166.14:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectzovidree.com FingerprintE7:A2:02:40:34:64:74:90:8F:C4:F5:DA:6D:7F:08:2D:33:29:9A:FD ValidityMon, 22 Apr 2024 15:25:10 GMT - Sun, 21 Jul 2024 15:25:09 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash7573260aff69fe8406b0115ab4bcefaa f7f5c31f2481bd176a9b79deff1b7c0d4878f87c 280186476a1f8103793e2139d4654b16f61a2a1d393966388f55b8ed795ebba3
GET /tag.min.js HTTP/1.1
Host: zovidree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:51 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 1a13b2616487079790d1ad15928b1eb9
cache-control: max-age=86400
last-modified: Sun, 05 May 2024 17:51:41 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Wed, 08 May 2024 03:11:59 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 67609
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ncaiXBQ7Uot7197m4DFs5MdPiMMftKSZI2KCLeaJtABiZSJz2yn5ZSdavlOUWdWXpX5X3T%2BlChzhU9LkizOjQ%2BP%2FDGE3PsFqcBJziW8EI2dLTvg3CcBaD%2FJ8%2FvInT1I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880479497b071c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 32879.2481april2024.com/jSBEDII5OAbiZtczvVjGLSdOmtkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmqGlu7iKdQkfT71OcbrrL4nUsTD_BTJizg4Hfg?kws=video%2Csweetcat%2Cgrupa%2Cfacetem%2Csex&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Da336b4df9f&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Tue%20May%2007%202024%2021%3A58%3A51%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 | 88.208.22.4 | 200 OK | 1.5 kB |
URL GET HTTP/232879.2481april2024.com/jSBEDII5OAbiZtczvVjGLSdOmtkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmqGlu7iKdQkfT71OcbrrL4nUsTD_BTJizg4Hfg?kws=video%2Csweetcat%2Cgrupa%2Cfacetem%2Csex&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Da336b4df9f&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Tue%20May%2007%202024%2021%3A58%3A51%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 IP88.208.22.4:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subject*.2481april2024.com FingerprintFC:0B:87:DF:4F:43:9B:81:FD:04:D2:4C:5C:79:77:1B:C6:BB:F4:49 ValidityTue, 02 Apr 2024 14:41:38 GMT - Mon, 01 Jul 2024 14:41:37 GMT
File typeASCII text, with very long lines (1516), with no line terminators Hasha8f43d644417a921108e4bd91379bd39 783d4105fef5cc05d6dad03603ff54dcd74c4b87 5b9d0b41efa42c5173a0f0e1a832b906a4fbdcafc6f89eac704779e24f972a19
GET /jSBEDII5OAbiZtczvVjGLSdOmtkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmqGlu7iKdQkfT71OcbrrL4nUsTD_BTJizg4Hfg?kws=video%2Csweetcat%2Cgrupa%2Cfacetem%2Csex&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Da336b4df9f&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Tue%20May%2007%202024%2021%3A58%3A51%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 HTTP/1.1
Host: 32879.2481april2024.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:58:54 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://www.amdahost.com
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
last-modified: Tue, 07 May 2024 21:58:54 UTC
expires: Tue, 07 May 2024 21:58:54 UTC
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| p.a64x.com/in/tip_shows/?katds_ep=Tw7vWxiBP4bILX843QdqDI7rncVOVbpnHTwp1CvzDbNqjny5Cl8HjxDklFGaZrORialqdBTOwJd4QCD86yMqbLp9GEXHDd-AEADZC7aqcr1RCNpMgf6syO5eEQsDG_kK1Ewum1cRdnRKZZpbK0L2X8YnaOmYFdizzoQsCZJIQuhF5cqObi_6vclsC3bSj0dXAxZXV2gHaiJuqaA4K9Tl9tt4P-Zqwq2ArHQ6IrJZUgWHvBARL3iAE-GuscvoJcAPfkj5QQNLHhjJgx5I6XHQGg_7kNklX7zkt2QVTv-HY2bTZ8zZWGffuat1x-4o6NQAGatc7EQ0lVD3hd_sMcePV2TvRVfZGXBGR37gQG-N4aI8UbSuNEnYs_IorvtUx9RIsE9V4wIfwUlDZbSBEZesoz8P7XW70yRqceFTA38QBpN1DOZzYXZna7N4UazCVZNt4wtHZRLoy_7BfsBDgGo0q9T8gln0toG8W1OEUPnL6lEPTFUwLJ15aW24KvNWegUemtydOwV8FMI-uDa49bOO4YMHwWP-WhgzuLOmXo7U1brVDjDMVbQhyjXR7WYcGjG6-_qbhNEJJb3zchgm1M7wiQsEI4QTKw_vQJTYwZw2w0c27-cvDMB5Tk95XAUTuUeclu9mzOuqOoOLZfWhk-6AlNR4hOCAE5_Cm2icb7Z6d8Lq4lGsTHxy-qobT9zRl210eqzp0skC4IjBX0e0mkBVWooLoF-ZCIzpoZdXoE1CL40o7up927GsqO7-UaUMCfGYQhyuUzTE0mFQVaBAmvcUkRUmg-gvESC2569l7LoaG5yDW83ZGH1N1vL2_k2vsf3KQbGo0IGleZgtZk2NBwPv2NhuQqLYcf2n-cOgjGbwALU9i9924trf9A7C5jY1&bid=0.0218843052409496&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.03&cpa=b87b6300-e00e-4c04-a1bb-be313d309953&prev_step_diff=865 | 172.67.185.171 | 302 Found | 3.0 kB |
URL GET HTTP/2p.a64x.com/in/tip_shows/?katds_ep=Tw7vWxiBP4bILX843QdqDI7rncVOVbpnHTwp1CvzDbNqjny5Cl8HjxDklFGaZrORialqdBTOwJd4QCD86yMqbLp9GEXHDd-AEADZC7aqcr1RCNpMgf6syO5eEQsDG_kK1Ewum1cRdnRKZZpbK0L2X8YnaOmYFdizzoQsCZJIQuhF5cqObi_6vclsC3bSj0dXAxZXV2gHaiJuqaA4K9Tl9tt4P-Zqwq2ArHQ6IrJZUgWHvBARL3iAE-GuscvoJcAPfkj5QQNLHhjJgx5I6XHQGg_7kNklX7zkt2QVTv-HY2bTZ8zZWGffuat1x-4o6NQAGatc7EQ0lVD3hd_sMcePV2TvRVfZGXBGR37gQG-N4aI8UbSuNEnYs_IorvtUx9RIsE9V4wIfwUlDZbSBEZesoz8P7XW70yRqceFTA38QBpN1DOZzYXZna7N4UazCVZNt4wtHZRLoy_7BfsBDgGo0q9T8gln0toG8W1OEUPnL6lEPTFUwLJ15aW24KvNWegUemtydOwV8FMI-uDa49bOO4YMHwWP-WhgzuLOmXo7U1brVDjDMVbQhyjXR7WYcGjG6-_qbhNEJJb3zchgm1M7wiQsEI4QTKw_vQJTYwZw2w0c27-cvDMB5Tk95XAUTuUeclu9mzOuqOoOLZfWhk-6AlNR4hOCAE5_Cm2icb7Z6d8Lq4lGsTHxy-qobT9zRl210eqzp0skC4IjBX0e0mkBVWooLoF-ZCIzpoZdXoE1CL40o7up927GsqO7-UaUMCfGYQhyuUzTE0mFQVaBAmvcUkRUmg-gvESC2569l7LoaG5yDW83ZGH1N1vL2_k2vsf3KQbGo0IGleZgtZk2NBwPv2NhuQqLYcf2n-cOgjGbwALU9i9924trf9A7C5jY1&bid=0.0218843052409496&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.03&cpa=b87b6300-e00e-4c04-a1bb-be313d309953&prev_step_diff=865 IP172.67.185.171:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjecta64x.com Fingerprint86:FD:2B:DD:CC:BD:8D:ED:C0:8D:41:81:C1:48:2D:45:D6:4F:67:88 ValidityTue, 19 Mar 2024 14:58:28 GMT - Mon, 17 Jun 2024 14:58:27 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/tip_shows/?katds_ep=Tw7vWxiBP4bILX843QdqDI7rncVOVbpnHTwp1CvzDbNqjny5Cl8HjxDklFGaZrORialqdBTOwJd4QCD86yMqbLp9GEXHDd-AEADZC7aqcr1RCNpMgf6syO5eEQsDG_kK1Ewum1cRdnRKZZpbK0L2X8YnaOmYFdizzoQsCZJIQuhF5cqObi_6vclsC3bSj0dXAxZXV2gHaiJuqaA4K9Tl9tt4P-Zqwq2ArHQ6IrJZUgWHvBARL3iAE-GuscvoJcAPfkj5QQNLHhjJgx5I6XHQGg_7kNklX7zkt2QVTv-HY2bTZ8zZWGffuat1x-4o6NQAGatc7EQ0lVD3hd_sMcePV2TvRVfZGXBGR37gQG-N4aI8UbSuNEnYs_IorvtUx9RIsE9V4wIfwUlDZbSBEZesoz8P7XW70yRqceFTA38QBpN1DOZzYXZna7N4UazCVZNt4wtHZRLoy_7BfsBDgGo0q9T8gln0toG8W1OEUPnL6lEPTFUwLJ15aW24KvNWegUemtydOwV8FMI-uDa49bOO4YMHwWP-WhgzuLOmXo7U1brVDjDMVbQhyjXR7WYcGjG6-_qbhNEJJb3zchgm1M7wiQsEI4QTKw_vQJTYwZw2w0c27-cvDMB5Tk95XAUTuUeclu9mzOuqOoOLZfWhk-6AlNR4hOCAE5_Cm2icb7Z6d8Lq4lGsTHxy-qobT9zRl210eqzp0skC4IjBX0e0mkBVWooLoF-ZCIzpoZdXoE1CL40o7up927GsqO7-UaUMCfGYQhyuUzTE0mFQVaBAmvcUkRUmg-gvESC2569l7LoaG5yDW83ZGH1N1vL2_k2vsf3KQbGo0IGleZgtZk2NBwPv2NhuQqLYcf2n-cOgjGbwALU9i9924trf9A7C5jY1&bid=0.0218843052409496&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.03&cpa=b87b6300-e00e-4c04-a1bb-be313d309953&prev_step_diff=865 HTTP/1.1
Host: p.a64x.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 07 May 2024 21:58:53 GMT
content-type: application/json
content-length: 0
location: https://imdn.pics/m/p/0/777/777155/conversions/R6Fcvd3Z-minify.jpg
access-control-allow-credentials: true
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3HOn1hQGEvFe0rVfwY6J2hOQElZPD9aeBor1BPK7vdc3HjoRMVlb2JY6t1t96HOXauPt2%2FbHTLo9oefCY8f9saHAZGUSvv7uEC3aVHb4RvGP04v3qGP2x1cfudQp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880479575b43b51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/css/root.css | 172.67.183.69 | 200 OK | 3.2 kB |
URL GET HTTP/3www.amdahost.com/css/root.css IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeASCII text, with very long lines (3175), with no line terminators Hashb29e82a0b6fab49b186f1878409b49cf 632d7a94b851c7c879e29825bee06920d7b5cb99 5b7746d8aa2c0a8a908f6a5df646167afb319fc1d2a6ec08d275e195a275afdf
GET /css/root.css HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=a336b4df9f
Cookie: PHPSESSID=23d96268c344b423e82ca3859fc6e816
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 21:58:50 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=6128
last-modified: Tue, 27 Feb 2024 08:09:48 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4760
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=if0zygFQssdthaN1KaVva6N3h90cVSUsPhPreDsyJ7x4IUEevCXzZuRmqCgd1KOPDn9V5n2RAWB1NHNZGl6XfncCXcwvEZXId2SKwYJU7Jprvq5CmS6iANm5hXRGnaON7hJw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880479431929b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 | 104.16.80.73 | 200 OK | 19 kB |
URL GET HTTP/2static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 IP104.16.80.73:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjectcloudflareinsights.com Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00 ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT
File typeJavaScript source, ASCII text, with very long lines (19189), with no line terminators Hash4c980ee97cb5c001b4d19e2895fa5603 2c6fe998aa7486c4becd74cf253bdd82666a64c3 d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192
GET /beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:50 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.1"
last-modified: Mon, 06 May 2024 19:01:13 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 880479436e8b7129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 74.125.131.84 | 302 Found | 0 B |
URL GET HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP74.125.131.84:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services Subjectaccounts.google.com Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:frYAcxJ2wCSyvmDwbrSAIPHWYJSx7Q:ohs9t4IiXMaSuMzK; Expires=Thu, 07-May-2026 21:58:53 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 21:58:53 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQyFePH76tY9IGeourP1ixa1EkBH5O_9F15jv_kCx8v-6LAWfc1yu6k4c98-MgccQBxKaebM
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-IyGQtIcwV0vOYxjnTUsrkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| zokaukree.net/5/7446033/?oo=1&js_build=iclick-v1.788.9-auto | 139.45.197.245 | 200 OK | 2.9 kB |
URL GET HTTP/2zokaukree.net/5/7446033/?oo=1&js_build=iclick-v1.788.9-auto IP139.45.197.245:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectzokaukree.net FingerprintC0:B6:2C:1B:C6:37:68:38:7C:A4:E0:F4:BF:B4:8E:D4:CA:7E:2A:F1 ValiditySun, 05 May 2024 11:48:42 GMT - Sat, 03 Aug 2024 11:48:41 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (3160), with no line terminators Hashbad110e4b6aacfbd8e5911737bb406dd 502a91e01e128a2c23f6360cab63996f3ff432b0 33d77706a492d4d22cefa9cda95100cdd3f355b4a84ac179b3b8f8ff8341e397
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /5/7446033/?oo=1&js_build=iclick-v1.788.9-auto HTTP/1.1
Host: zokaukree.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:58:51 GMT
content-type: application/json
x-trace-id: 67caab8a3712c9fbbccf6ab9a3794462
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.amdahost.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0080556fa6f641c4fcbb798cc9b6c36c; expires=Wed, 07 May 2025 21:58:51 GMT; path=/; secure; SameSite=None
oaidts=1715119131; expires=Wed, 07 May 2025 21:58:51 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 8d80fcb421.a700fb9c8d.com/110a65cc169b283c3c7819a3fe77e180.js | 45.133.44.53 | 200 OK | 101 kB |
URL GET HTTP/28d80fcb421.a700fb9c8d.com/110a65cc169b283c3c7819a3fe77e180.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subject8d80fcb421.a700fb9c8d.com Fingerprint42:A0:FF:40:15:C5:29:E2:8E:7E:8F:55:FE:A4:8A:15:E0:17:77:CF ValiditySat, 04 May 2024 02:20:27 GMT - Fri, 02 Aug 2024 02:20:26 GMT
Size101 kB (100855 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /110a65cc169b283c3c7819a3fe77e180.js HTTP/1.1
Host: 8d80fcb421.a700fb9c8d.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:52 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 06 May 2024 08:27:28 GMT
etag: W/"66389470-189f7"
content-encoding: gzip
expires: Tue, 07 May 2024 22:03:52 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap | 142.250.74.106 | 200 OK | 789 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (807), with no line terminators Hash6f717af0e726a10479b7e8bed93e5142 a115121febff939512aba08376c87856e8eb7d81 3f2d568b6fb6321a2e59f992275a60a22c904f5e8d84b7c6e43b1bb702ae86db
GET /css2?family=Poppins:wght@600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 21:58:50 GMT
date: Tue, 07 May 2024 21:58:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Comic+Neue&display=swap | 142.250.74.106 | 200 OK | 420 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Comic+Neue&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (429), with no line terminators Hash75f97bdeb174d8b64c2078ceff6726a3 beb63d63eb0398c4e6f15b6f2ad83c9fd7ef272d 0dd00245b771e2aada55e76fe50ee64c186e9413f70b1fc54da284a2cab024c6
GET /css2?family=Comic+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 21:58:50 GMT
date: Tue, 07 May 2024 21:58:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/videos/1714450050_5f643473a4dce5fd.mp4 | 172.67.183.69 | 206 Partial Content | 129 kB |
URL GET HTTP/3www.amdahost.com/videos/1714450050_5f643473a4dce5fd.mp4 IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Size129 kB (129136 bytes) Hash68b5605cf2405c071165d394029e4368 e749278f9cbdabfef68c80956b22168c2c8e83e9 303efba2564708ce3ec330a42866c15c6ef65d7c26aea477dbbc8e5a2302dbf9
GET /videos/1714450050_5f643473a4dce5fd.mp4 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=a336b4df9f
Cookie: PHPSESSID=23d96268c344b423e82ca3859fc6e816
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 206 Partial Content
date: Tue, 07 May 2024 21:58:51 GMT
content-type: video/mp4
content-length: 9521838
etag: "914aae-66306e8b-8c165f;;;"
last-modified: Tue, 30 Apr 2024 04:07:39 GMT
cache-control: max-age=14400
cf-cache-status: MISS
content-range: bytes 0-9521837/9521838
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MyIkrwA9REO3Gu3X4UKfTLsfvlbdh2wA%2BZrx41hod89ofFCxCQF49TtLNuHAlXMaUmv9dOFwOOJWHxoV%2F8lSn2UGu9Z96UCEMlJgWcY8A1UaJXTBRdX5BRRIWS%2FyRmlQeu%2Bq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880479496e1cb52d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Bungee+Spice&display=swap | 142.250.74.106 | 200 OK | 1.3 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Bungee+Spice&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (1310), with no line terminators Hash6ed7e36a675f79912a60041296e6712c 90726391e4efdc836774a463094dbce3f980c761 59214048cf850c5c635c4bd6669db6222a200dd806e8ec2b2e8f504fa0b9393d
GET /css2?family=Bungee+Spice&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 21:58:50 GMT
date: Tue, 07 May 2024 21:58:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| js.mbidadm.com/static/scripts.js | 45.133.44.53 | 200 OK | 1.7 kB |
URL GET HTTP/2js.mbidadm.com/static/scripts.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectjs.mbidadm.com FingerprintCA:45:B3:CA:F7:B8:6E:BC:AD:15:14:54:8B:69:08:1F:93:CC:C1:80 ValidityThu, 18 Apr 2024 03:01:13 GMT - Wed, 17 Jul 2024 03:01:12 GMT
File typeJavaScript source, ASCII text, with very long lines (1884), with no line terminators Hash920f349834adf2faa94a7c6047814e52 34557304112fe9d61f23b8f89ceead6db43b98d4 2ddd6ffb00a0971092562d2c424678425e8496d315e38967a4ca2e26fdcfeafc
GET /static/scripts.js HTTP/1.1
Host: js.mbidadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 07 May 2024 12:02:54 GMT
etag: W/"663a186e-6c4"
content-encoding: gzip
expires: Tue, 07 May 2024 22:03:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/media/apple-touch-icon.png | 172.67.183.69 | 200 OK | 40 kB |
URL GET HTTP/3www.amdahost.com/media/apple-touch-icon.png IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typePNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced Hash3a0b8d799ca52ea360286be206ff8fb3 2dc98f04f62990a7ab58494b8cc4c9d34f88d82b a18a7554000483027f4297e642dd6ffa175ee4028844be6e7888cd31c165972d
GET /media/apple-touch-icon.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=a336b4df9f
Cookie: PHPSESSID=23d96268c344b423e82ca3859fc6e816; cf_clearance=TTIDFMGz1SyWV314.WvyzZfSEVvM0Va2UVfK.AJyRDE-1715119131-1.0.1.1-XvwRSqv6dRwRMWpDM.1YlsjRqHr2BIIr6vVa0aQTgY9AqlUtERg6JinYJeQAS7vWsHX5eV1YJxqvDUBOChpIqA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 21:58:51 GMT
content-type: image/png
content-length: 40332
last-modified: Sun, 17 Mar 2024 20:29:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2538
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UK%2FosAhZWned3kHkb%2Bv4a0%2FbdpMzP4dDk8QXRbnRnN906e%2B0A50s1t8F6zZ%2FjQOapcpxddPhE75dtS%2FkXJwv4lTE3QmEW0aADivHDH9MzkAx77tdAkuXvzhUd4ljYHquBcWk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804794eea3ab52d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp | 45.133.44.24 | 200 OK | 1.1 kB |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp IP45.133.44.24:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp Hash2a11e13b2bd67bb9a6cb347d7c73df13 b85460a33f9b229f42c08a6a94ae433a4d5c32ab 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:53 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Wed, 07 May 2025 21:58:53 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Archivo+Black&display=swap | 142.250.74.106 | 200 OK | 819 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Archivo+Black&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (837), with no line terminators Hashfa0b91b21b81c25b4d2bb89c6d9d84fb 1788d71d75cf429352999edca5573800814aba3f 5385a711b1675e90eb76b002d80f1c53e71449889caf26b5ee6ec34f3df23fa7
GET /css2?family=Archivo+Black&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 21:58:50 GMT
date: Tue, 07 May 2024 21:58:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| b57dqedu4.com/solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6023376558333952&eclog=0&im=1 | 212.117.190.201 | 200 OK | 43 B |
URL POST HTTP/2b57dqedu4.com/solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6023376558333952&eclog=0&im=1 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerBuypass AS-983163327 Subject Fingerprint17:76:24:C2:1F:79:27:A6:BF:60:AC:48:E1:7E:44:F5:FA:36:EB:6B ValidityWed, 01 May 2024 14:25:07 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6023376558333952&eclog=0&im=1 HTTP/1.1
Host: b57dqedu4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:58:51 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: CHCK=1; Path=/; Expires=Tue, 10 Jun 2025 21:58:51 GMT; Secure; SameSite=None
UID=2405071658535c924bf0bf453f96679d1c37; Path=/; Expires=Tue, 10 Jun 2025 21:58:51 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js | 172.67.183.69 | 200 OK | 7.8 kB |
URL GET HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeJavaScript source, ASCII text, with very long lines (7846), with no line terminators Hashf65d1a128e31b1a12fbf0d7c8b5f3b04 0b0fc0ef12cdfb05b2f34d2975c3ab8ecec5d52f 3f81a9f0e7594ff0a8aba24e68288a01938a519e2c88bcd259871a82de7678dc
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=23d96268c344b423e82ca3859fc6e816
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 21:58:51 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=14400, public
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mkXC8gahyyb0%2BfGG9G9FNNTYAujAJWRpWM4e%2Bod0a2MGW0y%2B%2F2MF%2BBiAW%2BkqlRCR9cDAA48YS%2FErZZ4SVl3oAmHn5x9RcGA7CoCLsSxeHJtywa6MQgHDmJWJVg6TK9VksBUd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804794bf832b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bid.mbidtg.com/tags/179977?version_name=b | 45.133.44.24 | 200 OK | 2.2 kB |
URL GET HTTP/2bid.mbidtg.com/tags/179977?version_name=b IP45.133.44.24:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectbid.mbidtg.com Fingerprint62:EA:1B:EE:02:E5:88:CC:26:72:9B:BA:BF:B3:B6:2B:67:14:74:67 ValidityWed, 01 May 2024 03:00:45 GMT - Tue, 30 Jul 2024 03:00:44 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2494), with no line terminators Hash6dd06c3be91240ac87d476628c579d45 7c9f39156f3db5c6c71d1ea5a218d3b5846fa8e8 3c8c08c131dffa0910f3b5e37167775faebe95977cd2752a5471c60963851c13
GET /tags/179977?version_name=b HTTP/1.1
Host: bid.mbidtg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:51 GMT
content-type: application/json
server: nginx/1.24.0
cache-control: max-age=300, public
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/h/b/jsd/r/88047940a862b511 | 172.67.183.69 | 200 OK | 0 B |
URL POST HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/h/b/jsd/r/88047940a862b511 IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/challenge-platform/h/b/jsd/r/88047940a862b511 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12190
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=a336b4df9f
Cookie: PHPSESSID=23d96268c344b423e82ca3859fc6e816
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 21:58:51 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
priority: u=3,i=?0
set-cookie: cf_clearance=TTIDFMGz1SyWV314.WvyzZfSEVvM0Va2UVfK.AJyRDE-1715119131-1.0.1.1-XvwRSqv6dRwRMWpDM.1YlsjRqHr2BIIr6vVa0aQTgY9AqlUtERg6JinYJeQAS7vWsHX5eV1YJxqvDUBOChpIqA; Path=/; Expires=Wed, 07-May-25 21:58:51 GMT; Domain=.amdahost.com; HttpOnly; Secure; SameSite=None; Partitioned
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8lmVjNS2qpA%2B%2FGwLiCzS164iE0LJpBoh7P0u3zE5sqC86b4IaDiKMtWUREuMiQuN4Zbs6KYmNTb0Wv54RM391z%2Bk3bUYZE4B1ZdagxKFrIpCrq2uyNEzXpkcDOV9JnpHlNIg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804794d28f8b52d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQw1ypfAPwp8Steyg1tuN4cK0evZtAT43UkiJP1uZ4-Bn1U4pjFF3X3pAJju3tE2cxtJKPNIrQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-250691530%3A1715119133364485&theme=mn&ddm=0 | 74.125.131.84 | 403 Forbidden | 0 B |
URL GET HTTP/3accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQw1ypfAPwp8Steyg1tuN4cK0evZtAT43UkiJP1uZ4-Bn1U4pjFF3X3pAJju3tE2cxtJKPNIrQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-250691530%3A1715119133364485&theme=mn&ddm=0 IP74.125.131.84:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerGoogle Trust Services Subject*.google.com Fingerprint9F:A1:53:E4:09:E1:ED:82:F8:E0:30:B6:39:FA:EC:03:B4:89:46:8A ValidityTue, 16 Apr 2024 03:19:40 GMT - Tue, 09 Jul 2024 03:19:39 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQw1ypfAPwp8Steyg1tuN4cK0evZtAT43UkiJP1uZ4-Bn1U4pjFF3X3pAJju3tE2cxtJKPNIrQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-250691530%3A1715119133364485&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 21:58:53 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-ZqpFRX8QFPNGMnBKZ7Afmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| mpougdusr.com/bultykh/ipp24/7/bazinga/2020090 | 212.117.190.201 | 200 OK | 158 kB |
URL GET HTTP/2mpougdusr.com/bultykh/ipp24/7/bazinga/2020090 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerBuypass AS-983163327 Subject Fingerprint96:80:FC:87:80:4A:3B:59:5A:2E:82:5A:B8:1D:9D:47:78:21:AA:66 ValidityWed, 01 May 2024 14:41:50 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typeJavaScript source, ASCII text, with very long lines (65107) Size158 kB (158045 bytes) Hashc6ea5aedb4469e81f7d41b0eec41f409 7d7edc7b87462fb56c5e3c17c86bebad542d1d6f 72ad45cf0dd548c1f9611c35289dec90c22375b45bf1aa33d6a14ac7f896865b
GET /bultykh/ipp24/7/bazinga/2020090 HTTP/1.1
Host: mpougdusr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:58:50 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-269a3"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| mpougdusr.com/get/2020090?zoneid=2020090&jp=_clgnd7cvvv0ygmlukipgah&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1801251907638272&eclog=0&im=1&freq=0&uf=0 | 212.117.190.201 | 200 OK | 14 kB |
URL GET HTTP/2mpougdusr.com/get/2020090?zoneid=2020090&jp=_clgnd7cvvv0ygmlukipgah&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1801251907638272&eclog=0&im=1&freq=0&uf=0 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerBuypass AS-983163327 Subject Fingerprint96:80:FC:87:80:4A:3B:59:5A:2E:82:5A:B8:1D:9D:47:78:21:AA:66 ValidityWed, 01 May 2024 14:41:50 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typeASCII text, with very long lines (14516), with no line terminators Hashcbd110594b0e7eec9012de7422dacb3b 643b54202bcf2f7cc2046cfb1334b403778f91d2 d61f7feacac2df98d2a3ea7982d8df81bcfb3cebd19c1dc4294ff35c139ff037
GET /get/2020090?zoneid=2020090&jp=_clgnd7cvvv0ygmlukipgah&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1801251907638272&eclog=0&im=1&freq=0&uf=0 HTTP/1.1
Host: mpougdusr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:58:51 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Tue, 10 Jun 2025 21:58:51 GMT; Secure; SameSite=None
UID=24050716588a766461833e46d7a07208cc7a; Path=/; Expires=Tue, 10 Jun 2025 21:58:51 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| 8d80fcb421.a700fb9c8d.com/9f8781cc63b095275470f5973e6f8461.js | 45.133.44.53 | 200 OK | 169 kB |
URL GET HTTP/28d80fcb421.a700fb9c8d.com/9f8781cc63b095275470f5973e6f8461.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subject8d80fcb421.a700fb9c8d.com Fingerprint42:A0:FF:40:15:C5:29:E2:8E:7E:8F:55:FE:A4:8A:15:E0:17:77:CF ValiditySat, 04 May 2024 02:20:27 GMT - Fri, 02 Aug 2024 02:20:26 GMT
Size169 kB (168568 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /9f8781cc63b095275470f5973e6f8461.js HTTP/1.1
Host: 8d80fcb421.a700fb9c8d.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:58:52 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 25 Apr 2024 13:18:02 GMT
etag: W/"662a580a-29278"
content-encoding: gzip
expires: Tue, 07 May 2024 22:03:52 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| mbdippex.com/in/show/?tag_ab=b&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Da336b4df9f&refdom=www.amdahost.com&auction_time=1715119132&subid=1211831614&sid=2734670709&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Da336b4df9f%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Da336b4df9f%26idzone%3D0%26sid%3D1886&icons=YZYf75WizMgpL17XBfVWQtg9zqO6BDEgU2qzSjSYASyd9Zv08Ngzm_ERYREgXBGOdtrvsCF31F6B081e2bkexo5OaTglbQtjWaduDct5JJIbSvBBcrlYdLnargj_EPz6YSeaJyulK0m32kGH7zk-q8HS018Oq8tWZQjXd6WInb_TtyKlTg&ext_cid=0&px_id=560190&min_cpm=0.09202212291281912&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=1475945489521637793&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.019093783636031845&cpm=0&verify_hash=ba390292148cbca8d6414b85b7c733e2&is_native=4&real_bid=0.0005740655760385964&original_bid_usd=0.0027666979999999997&original_bid=0.0027666979999999997&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027666979999999997&hostname=auc-inpage-hz-4-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000002766698&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.03&cpa=0561f58d-ddcb-4ed1-8f69-da800d4d19f9&prev_step_diff=865 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/2mbdippex.com/in/show/?tag_ab=b&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Da336b4df9f&refdom=www.amdahost.com&auction_time=1715119132&subid=1211831614&sid=2734670709&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Da336b4df9f%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Da336b4df9f%26idzone%3D0%26sid%3D1886&icons=YZYf75WizMgpL17XBfVWQtg9zqO6BDEgU2qzSjSYASyd9Zv08Ngzm_ERYREgXBGOdtrvsCF31F6B081e2bkexo5OaTglbQtjWaduDct5JJIbSvBBcrlYdLnargj_EPz6YSeaJyulK0m32kGH7zk-q8HS018Oq8tWZQjXd6WInb_TtyKlTg&ext_cid=0&px_id=560190&min_cpm=0.09202212291281912&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=1475945489521637793&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.019093783636031845&cpm=0&verify_hash=ba390292148cbca8d6414b85b7c733e2&is_native=4&real_bid=0.0005740655760385964&original_bid_usd=0.0027666979999999997&original_bid=0.0027666979999999997&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027666979999999997&hostname=auc-inpage-hz-4-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000002766698&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.03&cpa=0561f58d-ddcb-4ed1-8f69-da800d4d19f9&prev_step_diff=865 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=a336b4df9f CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=b&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3Da336b4df9f&refdom=www.amdahost.com&auction_time=1715119132&subid=1211831614&sid=2734670709&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Da336b4df9f%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253Da336b4df9f%26idzone%3D0%26sid%3D1886&icons=YZYf75WizMgpL17XBfVWQtg9zqO6BDEgU2qzSjSYASyd9Zv08Ngzm_ERYREgXBGOdtrvsCF31F6B081e2bkexo5OaTglbQtjWaduDct5JJIbSvBBcrlYdLnargj_EPz6YSeaJyulK0m32kGH7zk-q8HS018Oq8tWZQjXd6WInb_TtyKlTg&ext_cid=0&px_id=560190&min_cpm=0.09202212291281912&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=1475945489521637793&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.019093783636031845&cpm=0&verify_hash=ba390292148cbca8d6414b85b7c733e2&is_native=4&real_bid=0.0005740655760385964&original_bid_usd=0.0027666979999999997&original_bid=0.0027666979999999997&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027666979999999997&hostname=auc-inpage-hz-4-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000002766698&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.03&cpa=0561f58d-ddcb-4ed1-8f69-da800d4d19f9&prev_step_diff=865 HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 21:58:53 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|