| www.amdahost.com/media/logo.png | 172.67.183.69 | 200 OK | 26 kB |
URL GET HTTP/3www.amdahost.com/media/logo.png IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typePNG image data, 382 x 70, 8-bit/color RGBA, non-interlaced Hash9c5c0fe1ed466c1a4801524b31777955 eb7bfae0af480eae554a937a9f64e96a0a4f734a 62b08c1489fff9fb4cf4d33857fb46d4f8298c3f74fc57f92279bdad95472640
GET /media/logo.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=1283a8bb98
Cookie: PHPSESSID=a0a6904e6ea86a3024e98ed93509187e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:21 GMT
content-type: image/png
content-length: 25625
last-modified: Fri, 15 Mar 2024 19:45:30 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6303
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QSrxb3v6U5JkmuUsBi%2FBBMgmNAuyFBFBeXKPud3l7jRvLOqrKXRdYkRrZaXUQFmbqlqiGnkkEz3lriWYN3hqA2%2Fly7NL%2Bxs4lPw4Eohf2IUaYb2Nwx4%2FoLh32QOscrzNGXUV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a023fb6db5b50f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js | 142.250.74.74 | 200 OK | 30 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js IP142.250.74.74:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30462
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 07:18:46 GMT
expires: Wed, 23 Apr 2025 07:18:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 12 Sep 2023 02:38:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 210335
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| vjs.zencdn.net/8.10.0/video-js.css | 151.101.194.217 | 200 OK | 13 kB |
URL GET HTTP/2vjs.zencdn.net/8.10.0/video-js.css IP151.101.194.217:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGlobalSign nv-sa Subjectvjs.zencdn.net Fingerprint6B:3F:11:07:D7:05:FD:AF:4D:46:B4:BA:1C:8A:60:70:95:37:35:17 ValidityWed, 06 Mar 2024 21:50:11 GMT - Mon, 07 Apr 2025 21:50:10 GMT
File typeASCII text, with very long lines (7288) Hash27818e70d5704691d9264fe0083c5b08 b4dffd90528e8f63d54ad3a859b749344e6e00ad 92e11fbc7753b5be23fd489ba4e09c0d62d0b8c64e466845b4534934c46c85d6
GET /8.10.0/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 17 Jan 2024 12:53:07 GMT
etag: "27818e70d5704691d9264fe0083c5b08"
x-amz-server-side-encryption: AES256
content-type: text/css
content-encoding: gzip
date: Thu, 25 Apr 2024 17:44:21 GMT
x-served-by: cache-hel1410025-HEL
x-cache: HIT
x-cache-hits: 3
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 12695
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/remixicon@4.0.0/fonts/remixicon.css | 151.101.65.229 | 200 OK | 17 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/remixicon@4.0.0/fonts/remixicon.css IP151.101.65.229:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hash373c68d52e3daa5cd7e1ae058fb6bd70 30a01afb8338555278162655e4a8e7ac57774f35 f53b0f6c14c09b5c263713876dfe7185531a3a424a91d192dfee3c5fa03493dd
GET /npm/remixicon@4.0.0/fonts/remixicon.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.0.0
x-jsd-version-type: version
etag: W/"200b1-MKAa+4M4VVJ4FiZV5KjnrFd3TzU"
content-encoding: br
accept-ranges: bytes
date: Thu, 25 Apr 2024 17:44:21 GMT
age: 4199351
x-served-by: cache-fra-etou8220109-FRA, cache-hel1410033-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16743
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/thumbnails/1714066566_2a5ee584eb3143d4.jpg | 172.67.183.69 | 200 OK | 20 kB |
URL GET HTTP/3www.amdahost.com/thumbnails/1714066566_2a5ee584eb3143d4.jpg IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 50", baseline, precision 8, 960x540, components 3 Hash0ee9f4474562c6477e526fd1eb61f141 997b96b069ca6a41f6c0f85a99665f93839d3d4b c468bda3f389eea2a66cd9c847a7ac9c0ed0c20f6cc91da788b71a90a37c4437
GET /thumbnails/1714066566_2a5ee584eb3143d4.jpg HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=1283a8bb98
Cookie: PHPSESSID=a0a6904e6ea86a3024e98ed93509187e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:21 GMT
content-type: image/jpeg
content-length: 19507
last-modified: Thu, 25 Apr 2024 17:36:06 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZNLVWXdmLQaOEZ73rYCcQsJsnDU2ic7uWPw0KRjChJvs0TaPEy%2ByIiBOeCmEQH3beMVa6%2B6baoa9P1piD6Ws2ZFAWkvb5OLwNmhcomo50USk5tc8S%2F4ztOaMTcuhAslwrmQk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a023fb6db8b50f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.tailwindcss.com/3.4.3 | 104.22.21.144 | 200 OK | 125 kB |
URL GET HTTP/2cdn.tailwindcss.com/3.4.3 IP104.22.21.144:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerCloudflare, Inc. Subjecttailwindcss.com Fingerprint5F:87:FB:92:D4:93:DA:09:E3:5B:EF:92:CE:2F:47:18:3A:8A:C7:49 ValidityTue, 07 Nov 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (52292) Size125 kB (125114 bytes) Hash4bdcdace639cc6c0f08a15c295482172 6fa7ad6e87d8b19bff7e2bd0becf87d87d57be31 d2c35bf03246b0634bb22cbdc74962c8368e5e13b656e7f3cc10029da79d2e5c
GET /3.4.3 HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:21 GMT
content-type: text/javascript
cache-control: max-age=31536000
content-encoding: br
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::rn74h-1711569125689-ef02b3caf33b
last-modified: Wed, 27 Mar 2024 19:52:06 GMT
cf-cache-status: HIT
age: 2497666
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a023fbda6756ab-OSL
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2 | 216.58.207.227 | 200 OK | 14 kB |
URL GET HTTP/2fonts.gstatic.com/s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2 IP216.58.207.227:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 13820, version 1.0 Hash2dd698f2699a5ef991625825011bff90 523ff9357131751e57dd78cb92b218a49a130d1d 02f5dfc0c21e92f3c724260f035833e627513a1b91230cc490a1ea756c95e5e5
GET /s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:34:37 GMT
expires: Fri, 25 Apr 2025 02:34:37 GMT
cache-control: public, max-age=31536000
age: 54584
last-modified: Thu, 24 Aug 2023 21:28:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/watch_direct.php?id=1283a8bb98 | 172.67.183.69 | 200 OK | 15 kB |
URL User Request GET HTTP/2www.amdahost.com/watch_direct.php?id=1283a8bb98 IP172.67.183.69:443
CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (12986), with CRLF, LF line terminators Hashfe72786cc71200ba87d722fbb0391fcf fdbd9cfbebdcf3b657da682794193b2fc1b88751 61d3e4a0a9c795b3fa724ea1adfab4c30697dd9fa146f23734820640d204842a
GET /watch_direct.php?id=1283a8bb98 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:20 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=a0a6904e6ea86a3024e98ed93509187e; path=/; domain=.amdahost.com
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kyeu7sIk%2BGO7eoQxZ0ExOQIZ%2F9WbUe4UjMNqW0hDrNBJituy3DjIgRrgoRODNjh9GTHRlsjm7Y34lsxyzn7q4KglD5N9A6tSAIdBuCu%2Bivr%2BHLmJBk9w4HKWE8%2FD0GgXFky2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a023f86d317129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ku42hjr2e.com/aas/r45d/vki/2020088/3f23ef09.js | 212.117.190.201 | 200 OK | 40 kB |
URL GET HTTP/2ku42hjr2e.com/aas/r45d/vki/2020088/3f23ef09.js IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerBuypass AS-983163327 Subject Fingerprint15:EC:3A:52:11:EC:ED:35:8E:60:38:E6:CC:79:A7:3E:A3:5B:B6:62 ValidityTue, 09 Jan 2024 12:43:23 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeJavaScript source, ASCII text, with very long lines (65106) Hash282e4211c6aa475b438a8af84a2d5f2a 236912a2a74165b3864a118f55461948e6a25e13 51a486924bfae60d6f89619eda1ea7ee9313d1d74039b03f98dc03536b0469fb
GET /aas/r45d/vki/2020088/3f23ef09.js HTTP/1.1
Host: ku42hjr2e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 17:44:21 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-1a022"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap | 142.250.74.106 | 200 OK | 6.8 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typegzip compressed data, max compression Hash66cc28200e59e25f2b5815e382cfb84a 08dd55a6b48fc9ac91a589ff8a65bf9bd1194693 1b7de716db9a5ee54915dd2871b4d700af9bfb556993087d98ec5313d6f55dbf
GET /css2?family=Poppins:wght@600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 17:44:21 GMT
date: Thu, 25 Apr 2024 17:44:21 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 96b600f50a.a0e351a3aa.com/ab53eeb29e62691b807c79280e298496.js | 45.133.44.53 | 200 OK | 36 kB |
URL GET HTTP/296b600f50a.a0e351a3aa.com/ab53eeb29e62691b807c79280e298496.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subject96b600f50a.a0e351a3aa.com FingerprintAD:AF:F1:6D:B3:03:A9:36:49:20:2F:CC:29:B3:F0:E6:2D:A0:EA:6D ValidityMon, 22 Apr 2024 02:20:27 GMT - Sun, 21 Jul 2024 02:20:26 GMT
File typegzip compressed data, from Unix Hasha94c580da0b66df26cd9646fa3144d36 b95cb993caeb28d9a8d51cdf78d2d96663ea143b 6f00023b6cfc7230e1e1cd3b3bbd2a4df205b6a506d071c8b88e54470205ac46
GET /ab53eeb29e62691b807c79280e298496.js HTTP/1.1
Host: 96b600f50a.a0e351a3aa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:22 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 23 Apr 2024 09:45:19 GMT
etag: W/"6627832f-1ab1c"
content-encoding: gzip
expires: Thu, 25 Apr 2024 17:49:22 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| s.pemsrv.com/venor.php | 95.211.229.246 | 200 OK | 21 B |
IP95.211.229.246:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectpemsrv.com FingerprintB9:FB:69:72:AD:12:6D:F5:F8:05:0B:EE:45:B6:E0:BD:1A:B2:E5:0F ValidityTue, 27 Feb 2024 16:50:21 GMT - Mon, 27 May 2024 16:50:20 GMT
File typevery short file (no magic) Hashcfcd208495d565ef66e7dff9f98764da b6589fc6ab0dc82cf12099d1c2d40ab994e8410c 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
GET /venor.php HTTP/1.1
Host: s.pemsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 17:44:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| s.magsrv.com/v1/api.php | 95.211.229.247 | 200 OK | 3.3 kB |
IP95.211.229.247:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
Hash6667e3840921b9fe837ae3cae5186ab3 0b66f5ae1510413c4509e545f44dc5afe4efd0ae b675a4d9f0958f95d98ac1d7cc5ae9d48d1a5cfb3730dddbb9574a828b442e8c
POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 371
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 17:44:22 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22662a9676505666.596523382938577783%22%3B%7D; expires=Sat, 25-Apr-2026 17:44:22 GMT; Max-Age=63072000; path=/; domain=magsrv.com; secure; SameSite=None
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| show.revopush.com/api/v1/inpage/show/?uid=180170&subacc=1222898310&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult | 116.202.233.120 | 200 OK | 144 kB |
URL GET HTTP/2show.revopush.com/api/v1/inpage/show/?uid=180170&subacc=1222898310&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult IP116.202.233.120:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoDaddy.com, Inc. Subjectshow.revopush.com Fingerprint14:6E:2A:BA:82:13:C7:FC:12:52:18:54:8C:98:74:9E:31:18:6B:94 ValidityFri, 22 Mar 2024 16:58:42 GMT - Sat, 22 Mar 2025 16:58:42 GMT
Size144 kB (144247 bytes) Hash86c49914d58fc9173522480832615b36 8854dd6558bae530470b11bc611907e0571117a6 3d480b5021a3a2a6f51a3ea77d197e1fcaec15f496d2cb04c817c2b827530478
GET /api/v1/inpage/show/?uid=180170&subacc=1222898310&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1
Host: show.revopush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 17:44:22 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
access-control-allow-origin: https://www.amdahost.com
vary: Origin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| js.capndr.com/advertising.js | 45.133.44.53 | 200 OK | 0 B |
URL GET HTTP/2js.capndr.com/advertising.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectjs.capndr.com Fingerprint0D:30:A1:FB:7E:A0:EC:89:85:17:27:67:37:21:DA:E0:CB:E3:26:06 ValiditySun, 21 Apr 2024 03:00:41 GMT - Sat, 20 Jul 2024 03:00:40 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Thu, 25 Apr 2024 17:49:22 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Bungee+Spice&display=swap | 142.250.74.106 | 200 OK | 41 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Bungee+Spice&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typegzip compressed data, max compression Hash25e05d694d1fa0778e828f824ea9c815 1040a0ab032a9ebcad731794f4a46cd1479ec51c 36cb6832b2c18987eccf356720215102b8b39b8de4ff4fd31b1d77e1b205d0b5
GET /css2?family=Bungee+Spice&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 17:44:21 GMT
date: Thu, 25 Apr 2024 17:44:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/h/b/jsd/r/87a023f86d317129 | 172.67.183.69 | 200 OK | 0 B |
URL POST HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/h/b/jsd/r/87a023f86d317129 IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/challenge-platform/h/b/jsd/r/87a023f86d317129 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12200
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=1283a8bb98
Cookie: PHPSESSID=a0a6904e6ea86a3024e98ed93509187e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:23 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
priority: u=3,i=?0
set-cookie: cf_clearance=SYliCKRwvSumtnF02Xk0k5OHLejfdJXCPWSoh0akz4c-1714067063-1.0.1.1-9GdC5X8FMSDEIw22UgO44ouG_8l_3xdGF14EftZ7PUfGaskfAuK4Ha9gh14ofBdDWG7dhoCKUiWQDiVBW4qb3w; path=/; expires=Fri, 25-Apr-25 17:44:23 GMT; domain=.amdahost.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pVMJ48%2BSHYAFnoR4MhkXoi7RTq0c3sW10KGoJ0mqY0jOIgB0RTbtg27paU4DhCCRrcnjZzlXQrraqYDdXUh9hQ%2Bh9Oh2xSnuRcy7RbPJmPPC9PYHk%2FXCP%2Fve3B6S80VuukA0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a02407cbbdb50f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/media/favicon-16x16.png | 172.67.183.69 | 200 OK | 936 B |
URL GET HTTP/3www.amdahost.com/media/favicon-16x16.png IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashac0cd4d64276fa91e68993406abcd43d c9af1132645f2bccfb9295a4e45cc95e8e78b7b6 bf852eabb9e0bbeb89b360a2dc4ccc1b86f2ffea3dfa78f0c2bb8747be598382
GET /media/favicon-16x16.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=1283a8bb98
Cookie: PHPSESSID=a0a6904e6ea86a3024e98ed93509187e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:23 GMT
content-type: image/png
content-length: 936
last-modified: Sun, 17 Mar 2024 20:29:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6801
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k1LFChGX6H7Mgh6B92jowofnFF%2B0A6CPoZwrvfy%2FUQb3dyCrJtXtccTmtjppaHC5C%2FYV2PxlW3xagR%2FLO7w%2BLTcY4eqeYpVoUsKP2s0To1Ao6Itilmo0RI3%2B6yaHAKsQwwK%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a02407dbd9b50f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 6.adsco.re:2087/ | 104.17.167.186 | 200 OK | 0 B |
IP104.17.167.186:2087
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re:2087
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:23 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://www.amdahost.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a0240d5a5c5687-OSL
alt-svc: h3=":2087"; ma=86400
X-Firefox-Spdy: h2
|
|
| 6.adsco.re/ | 104.17.167.186 | 200 OK | 0 B |
IP104.17.167.186:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:23 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://www.amdahost.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a0240d5c4eb512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Karla&display=swap | 142.250.74.106 | 200 OK | 392 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Karla&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typegzip compressed data, max compression Size392 kB (391759 bytes) Hash3984e6f5e5606645fded7e1a5940b63c e080b1446e4901dea6572ecccf9eba7265208d0c 40a1d8b4f9d6ba8f6faeb1b8dbfa182c620c11c553eaf20577628363cd7826a3
GET /css2?family=Karla&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 17:44:21 GMT
date: Thu, 25 Apr 2024 17:44:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 4.adsco.re:2087/ | 162.252.214.5 | 200 OK | 62 B |
IP162.252.214.5:2087
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash5b41cb22f84f645a103acc7bfbf084ff bac3967b26d5ec4a0d09a580714e8219796816bd 709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc
GET / HTTP/1.1
Host: 4.adsco.re:2087
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 17:44:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
|
|
| c.adsco.re/ | 104.17.166.186 | | 28 kB |
IP104.17.166.186:0
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (689) Hasha0b475c65fed312aba8d7c43a0cbc928 3fdd052b41c37318e44084be4f92d42fba4ded61 2dfb2101b24f80be00b1baecce7eec815e61a13381f6983051b6261b8035468a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:24 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sun, 26 May 2024 17:44:24 GMT
etag: W/"oLR1xl/tMSq6jXxDoMvJKA=="
cf-cache-status: HIT
age: 600507
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a0240fcb6c0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 4.adsco.re/ | 162.252.214.5 | 200 OK | 62 B |
IP162.252.214.5:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash5b41cb22f84f645a103acc7bfbf084ff bac3967b26d5ec4a0d09a580714e8219796816bd 709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 17:44:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
|
|
| uixtw4qhc8cv.n4.adsco.re/ | 38.132.109.115 | 200 OK | 0 B |
URL POST HTTP/2uixtw4qhc8cv.n4.adsco.re/ IP38.132.109.115:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subject*.n4.adsco.re Fingerprint45:6E:69:F7:75:1D:65:9E:20:3D:CF:CE:8B:F5:36:72:85:BD:76:EC ValidityFri, 19 Apr 2024 09:12:46 GMT - Thu, 18 Jul 2024 09:12:45 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: uixtw4qhc8cv.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:24 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 16 Jun 2023 08:37:42 GMT
etag: "648c1f56-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 12ezo5v60.com/chicken.gif?z=2020090&pb=7f56ae8ec8acd49ef1eb16e294af199c1714074262&psp=hk-TDWt06g90jjzULR5G5rGu-MotXuJqySxaV3qN92YlMB1OuPhvmCwnGGL_UgpNwuqecXgKr9ARrcyOx_4o41LDxq4tNTKnz5h94FSor8d0fx5UqaNaAzNdF4xrAx0dd4jAAOY6dSkADUS8FrrJoSmWmegsdjE-0I5gJaYOCCZ9Il4RSdXNhDxtfnQ3ZZ3BLyLMsdeOVxQFgrGliFotSrXzR5uyKGkOmQdpK2nHuSsQ1QvINg4ZlaSwZxGoFXuqR-5MpAZDTCDBWs_IT82mvUzQYB2zEFwofNGmv4XAO5XYIZiNSonmW1OsAkfoAWY7W7-9UCBhWOkFNkjuyn57rsOw_0_BLMTHjn1sqB-90laEQM15HrhiWghEWyIZceozajaya86AWamfR99WRF61goT8FVQ5nuAK49UgdTZl3sk3hQABNz8goSEYEbFSPfytYLIUUq2xCdWmBTBhN9hF1o3mgSuWDiOmb-ToWCd8TKHduTVIc1S6skVRoleyGXU8HklGS_sVazqmKUkaCbu5P7nykO8uoU5aIwokdREraXPfEZt9lanh29LpyWoCM_8DhTkRi1P-lmFbBisQUIGPl1thffB_Zphin3D4vnKdCAYDkKTR5R3i7dnlvkNsIIxtRerEpRdkLLrOqoh7rSruFcYyAvZRDV5Yk3aMjF_sEI_kIVFchea_CYDEcvwym66p4grEJCgOx2iEHTK2ezdJLYdTH_slocGI6uhhrDYs0ptgSojIy9HjYcFlVxqneJsXyCkg4FFNVslXQmBflCo9FJKYLg8kwHsNjEq9U1MgFpVaSg2ZvVY-Ey05rrnjheQ1R4pHuunXwS0CbTtQhdpx9RcI4fhQw_1ITnU9TU-DsCgCUp0Es0k2Fhm6I_NTNzkCRKhoCKB-pEzJnF0osjs6jxg3NGLhc4Lxz_zaHS6MON1o_iyGHwonhvUoMknQ03BO-uS1dDaHia4K8Nn3i7EIa4RgI5OAfo0glGEZVeiXS20T6_PgY2B9x3PSukFpMRQai7agc51sUIOaqlgAAEB4sjPoz4Bl5_Bi4MhxlAl1-Isa-yPsluQ7dhoqzzKW2p0BijJFuTetoFQ9-M0T3LGpH3NEQ1cAPAX1kdgQjXpWFuugQcMqmIcHp0-6GbIOFYItnbEo4hjNXlki04GGDYfrHms2zDJUr_3zDJqqQua3lTs0_TH5DSDbTS0TooN3WWJU5SFrdwJslYgXuKGwwi60cwDPZnTLliwoXdnkMQbjs_Yi9AUVD0doLtC1d6KaxhvXzQyNUz6_I-Pj6f7-424Ppk3hETs9-psUukKQIGdcwuzxH3m_iHjfQGCPxrB5rochvAHEmr6hDuhx26FHzVyA3bfR47ZhV129axca0sduq11U7DfL_2phUAYMTsUQnOM6aXU6KpYdI_qSg8EMCO5xBxFBtbpNmEoz9X-zAVhjSq9p1ARUcVV70DJY0uATxZfi7eyFrIubk42e0CfbjN9erXC0EvypXyOQaJkgcSB6DYi0Ez9eNsxTkIwIH9XZLonDYoOlku1V4LN1-wCHHxpfTbdZDcomSy9nbkFT5Ir1DZf83RxACpbCacQoftM3lywZiF-XMFFq_jG-ce3VUTwqs8dt-HmwMcouhr6cO9umAOUjyMBukYrTemeYV7wuOyGPkPyuJ9N35-8vzZ6RhaeVI3PEzOEEEDOR01oKsAn8LSLuSjuz5FGdJ7ZpXzcMgoTV770Q4PW2E4S1AMl2maH_PNBV0KJIy2wuZGlAyOpjCJNooEg5djHqLW_LIZ22-AjX371AeyD_2ehLqxbQdeQ7x83TK8VyZKwYXfFYO4yyIVqgh0ssopPg_1b3SCJB4SbEUW5WVi_uYyWPsjDtuzfh9IUVrYJnbQ7iwpRPMsjdDVRurBfPHo062dEJyXIc7VeNIEsEOb3m0bBfY1h45hL0TX81-OhWIHkk-FZXYWiiaf-8u4kK7jnQvW86fNqm5sXIJ20HNRVF82Qcjgzj8DAHfJon3NB0oC1j5owzYg1V-7tnvrz5teeplybwIjcRoWGC_UzhDl8GcC-K0YTVyBu0kYVFTkx-MipCjHMNAWYpdXXPhSGwmCzh1ad_TcPms_Z70w0BW1Pw96k52kq4vbpVaM1HEz9SF2UDT1hB0qnqN7BjsGuFLJ7wxiWtOqjpK18JlmSX3ubLCbUdeRKoNj3I02C51MPdzQDeRZs5hlSPbkd2G1qLYSrn6YR8YTIALLjFeojt2bha1f1nyRqabAZWn1UMvDP8TA4OYfU1ukQLlf2nVeDgXfTJFvdq1QhjbQjbpX1N1TSWwhGBZyMbl-GgvNlSpyZAIsGsNBnovw4INy7n8e8JjLxYzoe6UngjmqJYiNvpNlbD2BW6NpEwMRHPwNtA9RJ19hS-DjXfkAcrqPTNC_i6E291PPnt8LTaID7nw5yospO6HyIZSHRDwGsZ3K0YqIsmAsoci94vRLk8loWcJJNKx435N4vqaQ5WHd5-Lq24Sh8c2Cu8V75qzrFKE2z8V0m2WX7wtfsGF1OgPiaO5jhj8Grv7pJWZPOIkGOlRWlTA2M2g7vnWMJmC9Kzchz8MM2tB6-IeE2QNCOES3bQsF-047YkzzD8Xq2ywgNLDnup-mwVLp6RfGzGTsodeRF7LjwRQR5O87sIVD7x9WxCEXXn-_jLYYlt2fs3CWm5uoDN9wOu7jDTKSBgfcsxs2LbgiVYal5JT0pbn6nFxw61V6bKipXts951PFg4WeJHmLxwJL7JM4swqz9oMmMQ-WaRRX4igdQaQrkfhnIm7P6_YmlP2ARzBL_-ZUQxXBlhO1QgnBZw4JXNvfWg6YbsV67xxZpyc170uwwR6mwyhZPlcqW7mYt-U7UOz0Lxqn9ADNPq2h0vYKSPCfMOmQixSaDsY-dGaX6DGhw449t-DIAI6XSKp0BHhV300hu7nIn7RckrpDCSGqJnP8NDgzrja4nFSbdG2TrDKhwReWNkdjs0jniNaSz1dfyuqWc0DJRxsnNBeAzR4-iSXi3oBrRzgH870qddh4X-21jhgjfdqeS_zYIas9QZ17Q_2F-Ijqy_W8Tha0zvHJyoqPn58uyXBwJKEefrZKaL0kRU3Q_4ZWcH2L4jK4f__FrEVjYwWzNRZ1DFH2HhGJ0HNO92o9yVcsWpuWPbwWGrmPmF0Te1KNdbEOX6ZC1n5Vig5zxhrbZgxlVwYaRZFX1j8SNSGVIELoPoX5HSBinq4WajHeZoJoDlqAsI5ykltiUFv3uynsIF3EvsH1nzWmmEyQRD5BPnemOe-iYFvd3DAwYlpblBST4-3Vf0gxB2yq6xTKXUNXBXNmv9k5WvCYssSWzwsXzdvBpPxVQpcCVWsiTnk4e3fMJS3ap2AaphbdYXDh_pi8FZEQ-6hKvg1rUa2esO649LPOna6EzLuPJib4_XqYe8r1Lt3_WvbZSNjO40ndme4oGj-5SzCQSpDZusUl4EHQ4EibB-DGlvXP2yWUSh9hlhOQjRm3cDQczbWt-GOtMkssHajNQ_iFGcBv6FtadjqfAkMVJ1qKQMfxSpR0YnD_P0r41hLysP41tm4JHkdvHtCRNQn4qTBBAEDafFcQccSsaLaKluiXQq6Ks7tgKGOBDq55tTLlcdbpBiQVNfII3HGg2BQRCb95xH86IyHUau6EnJ0bFjFSJG6NsJmIKCpofJB_lLT40YJK56HE8T5zRN8T5Pum22kHwvAO-V3ra9p9vEtEYxNQbrqSup02XnloMfv3jKxhaNskdeH48GmbrAYvjKAg8Wleo0ZRoypGWnEBU5vnD-9PnXh2PCWGoS_p6dcB6_0xMA4g-ClyPuFO11hCTFrcUzk-xWNCE-UFkvnqA9RKRdm8zruiRq5JA-a_t75ic4RZYlRlbQZBW6WdqTP4Ul38tinMK-9AZao3YsgU0i2sAuoW_PqPT5P9ed&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178882679780352&eclog=0&im=1 | 212.117.190.202 | 200 OK | 43 B |
URL GET HTTP/212ezo5v60.com/chicken.gif?z=2020090&pb=7f56ae8ec8acd49ef1eb16e294af199c1714074262&psp=hk-TDWt06g90jjzULR5G5rGu-MotXuJqySxaV3qN92YlMB1OuPhvmCwnGGL_UgpNwuqecXgKr9ARrcyOx_4o41LDxq4tNTKnz5h94FSor8d0fx5UqaNaAzNdF4xrAx0dd4jAAOY6dSkADUS8FrrJoSmWmegsdjE-0I5gJaYOCCZ9Il4RSdXNhDxtfnQ3ZZ3BLyLMsdeOVxQFgrGliFotSrXzR5uyKGkOmQdpK2nHuSsQ1QvINg4ZlaSwZxGoFXuqR-5MpAZDTCDBWs_IT82mvUzQYB2zEFwofNGmv4XAO5XYIZiNSonmW1OsAkfoAWY7W7-9UCBhWOkFNkjuyn57rsOw_0_BLMTHjn1sqB-90laEQM15HrhiWghEWyIZceozajaya86AWamfR99WRF61goT8FVQ5nuAK49UgdTZl3sk3hQABNz8goSEYEbFSPfytYLIUUq2xCdWmBTBhN9hF1o3mgSuWDiOmb-ToWCd8TKHduTVIc1S6skVRoleyGXU8HklGS_sVazqmKUkaCbu5P7nykO8uoU5aIwokdREraXPfEZt9lanh29LpyWoCM_8DhTkRi1P-lmFbBisQUIGPl1thffB_Zphin3D4vnKdCAYDkKTR5R3i7dnlvkNsIIxtRerEpRdkLLrOqoh7rSruFcYyAvZRDV5Yk3aMjF_sEI_kIVFchea_CYDEcvwym66p4grEJCgOx2iEHTK2ezdJLYdTH_slocGI6uhhrDYs0ptgSojIy9HjYcFlVxqneJsXyCkg4FFNVslXQmBflCo9FJKYLg8kwHsNjEq9U1MgFpVaSg2ZvVY-Ey05rrnjheQ1R4pHuunXwS0CbTtQhdpx9RcI4fhQw_1ITnU9TU-DsCgCUp0Es0k2Fhm6I_NTNzkCRKhoCKB-pEzJnF0osjs6jxg3NGLhc4Lxz_zaHS6MON1o_iyGHwonhvUoMknQ03BO-uS1dDaHia4K8Nn3i7EIa4RgI5OAfo0glGEZVeiXS20T6_PgY2B9x3PSukFpMRQai7agc51sUIOaqlgAAEB4sjPoz4Bl5_Bi4MhxlAl1-Isa-yPsluQ7dhoqzzKW2p0BijJFuTetoFQ9-M0T3LGpH3NEQ1cAPAX1kdgQjXpWFuugQcMqmIcHp0-6GbIOFYItnbEo4hjNXlki04GGDYfrHms2zDJUr_3zDJqqQua3lTs0_TH5DSDbTS0TooN3WWJU5SFrdwJslYgXuKGwwi60cwDPZnTLliwoXdnkMQbjs_Yi9AUVD0doLtC1d6KaxhvXzQyNUz6_I-Pj6f7-424Ppk3hETs9-psUukKQIGdcwuzxH3m_iHjfQGCPxrB5rochvAHEmr6hDuhx26FHzVyA3bfR47ZhV129axca0sduq11U7DfL_2phUAYMTsUQnOM6aXU6KpYdI_qSg8EMCO5xBxFBtbpNmEoz9X-zAVhjSq9p1ARUcVV70DJY0uATxZfi7eyFrIubk42e0CfbjN9erXC0EvypXyOQaJkgcSB6DYi0Ez9eNsxTkIwIH9XZLonDYoOlku1V4LN1-wCHHxpfTbdZDcomSy9nbkFT5Ir1DZf83RxACpbCacQoftM3lywZiF-XMFFq_jG-ce3VUTwqs8dt-HmwMcouhr6cO9umAOUjyMBukYrTemeYV7wuOyGPkPyuJ9N35-8vzZ6RhaeVI3PEzOEEEDOR01oKsAn8LSLuSjuz5FGdJ7ZpXzcMgoTV770Q4PW2E4S1AMl2maH_PNBV0KJIy2wuZGlAyOpjCJNooEg5djHqLW_LIZ22-AjX371AeyD_2ehLqxbQdeQ7x83TK8VyZKwYXfFYO4yyIVqgh0ssopPg_1b3SCJB4SbEUW5WVi_uYyWPsjDtuzfh9IUVrYJnbQ7iwpRPMsjdDVRurBfPHo062dEJyXIc7VeNIEsEOb3m0bBfY1h45hL0TX81-OhWIHkk-FZXYWiiaf-8u4kK7jnQvW86fNqm5sXIJ20HNRVF82Qcjgzj8DAHfJon3NB0oC1j5owzYg1V-7tnvrz5teeplybwIjcRoWGC_UzhDl8GcC-K0YTVyBu0kYVFTkx-MipCjHMNAWYpdXXPhSGwmCzh1ad_TcPms_Z70w0BW1Pw96k52kq4vbpVaM1HEz9SF2UDT1hB0qnqN7BjsGuFLJ7wxiWtOqjpK18JlmSX3ubLCbUdeRKoNj3I02C51MPdzQDeRZs5hlSPbkd2G1qLYSrn6YR8YTIALLjFeojt2bha1f1nyRqabAZWn1UMvDP8TA4OYfU1ukQLlf2nVeDgXfTJFvdq1QhjbQjbpX1N1TSWwhGBZyMbl-GgvNlSpyZAIsGsNBnovw4INy7n8e8JjLxYzoe6UngjmqJYiNvpNlbD2BW6NpEwMRHPwNtA9RJ19hS-DjXfkAcrqPTNC_i6E291PPnt8LTaID7nw5yospO6HyIZSHRDwGsZ3K0YqIsmAsoci94vRLk8loWcJJNKx435N4vqaQ5WHd5-Lq24Sh8c2Cu8V75qzrFKE2z8V0m2WX7wtfsGF1OgPiaO5jhj8Grv7pJWZPOIkGOlRWlTA2M2g7vnWMJmC9Kzchz8MM2tB6-IeE2QNCOES3bQsF-047YkzzD8Xq2ywgNLDnup-mwVLp6RfGzGTsodeRF7LjwRQR5O87sIVD7x9WxCEXXn-_jLYYlt2fs3CWm5uoDN9wOu7jDTKSBgfcsxs2LbgiVYal5JT0pbn6nFxw61V6bKipXts951PFg4WeJHmLxwJL7JM4swqz9oMmMQ-WaRRX4igdQaQrkfhnIm7P6_YmlP2ARzBL_-ZUQxXBlhO1QgnBZw4JXNvfWg6YbsV67xxZpyc170uwwR6mwyhZPlcqW7mYt-U7UOz0Lxqn9ADNPq2h0vYKSPCfMOmQixSaDsY-dGaX6DGhw449t-DIAI6XSKp0BHhV300hu7nIn7RckrpDCSGqJnP8NDgzrja4nFSbdG2TrDKhwReWNkdjs0jniNaSz1dfyuqWc0DJRxsnNBeAzR4-iSXi3oBrRzgH870qddh4X-21jhgjfdqeS_zYIas9QZ17Q_2F-Ijqy_W8Tha0zvHJyoqPn58uyXBwJKEefrZKaL0kRU3Q_4ZWcH2L4jK4f__FrEVjYwWzNRZ1DFH2HhGJ0HNO92o9yVcsWpuWPbwWGrmPmF0Te1KNdbEOX6ZC1n5Vig5zxhrbZgxlVwYaRZFX1j8SNSGVIELoPoX5HSBinq4WajHeZoJoDlqAsI5ykltiUFv3uynsIF3EvsH1nzWmmEyQRD5BPnemOe-iYFvd3DAwYlpblBST4-3Vf0gxB2yq6xTKXUNXBXNmv9k5WvCYssSWzwsXzdvBpPxVQpcCVWsiTnk4e3fMJS3ap2AaphbdYXDh_pi8FZEQ-6hKvg1rUa2esO649LPOna6EzLuPJib4_XqYe8r1Lt3_WvbZSNjO40ndme4oGj-5SzCQSpDZusUl4EHQ4EibB-DGlvXP2yWUSh9hlhOQjRm3cDQczbWt-GOtMkssHajNQ_iFGcBv6FtadjqfAkMVJ1qKQMfxSpR0YnD_P0r41hLysP41tm4JHkdvHtCRNQn4qTBBAEDafFcQccSsaLaKluiXQq6Ks7tgKGOBDq55tTLlcdbpBiQVNfII3HGg2BQRCb95xH86IyHUau6EnJ0bFjFSJG6NsJmIKCpofJB_lLT40YJK56HE8T5zRN8T5Pum22kHwvAO-V3ra9p9vEtEYxNQbrqSup02XnloMfv3jKxhaNskdeH48GmbrAYvjKAg8Wleo0ZRoypGWnEBU5vnD-9PnXh2PCWGoS_p6dcB6_0xMA4g-ClyPuFO11hCTFrcUzk-xWNCE-UFkvnqA9RKRdm8zruiRq5JA-a_t75ic4RZYlRlbQZBW6WdqTP4Ul38tinMK-9AZao3YsgU0i2sAuoW_PqPT5P9ed&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178882679780352&eclog=0&im=1 IP212.117.190.202:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerBuypass AS-983163327 Subject FingerprintDB:57:32:8B:71:3B:E2:BC:8C:B1:94:D1:8A:25:4E:EE:A7:BA:C5:59 ValidityTue, 09 Jan 2024 13:35:13 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=2020090&pb=7f56ae8ec8acd49ef1eb16e294af199c1714074262&psp=hk-TDWt06g90jjzULR5G5rGu-MotXuJqySxaV3qN92YlMB1OuPhvmCwnGGL_UgpNwuqecXgKr9ARrcyOx_4o41LDxq4tNTKnz5h94FSor8d0fx5UqaNaAzNdF4xrAx0dd4jAAOY6dSkADUS8FrrJoSmWmegsdjE-0I5gJaYOCCZ9Il4RSdXNhDxtfnQ3ZZ3BLyLMsdeOVxQFgrGliFotSrXzR5uyKGkOmQdpK2nHuSsQ1QvINg4ZlaSwZxGoFXuqR-5MpAZDTCDBWs_IT82mvUzQYB2zEFwofNGmv4XAO5XYIZiNSonmW1OsAkfoAWY7W7-9UCBhWOkFNkjuyn57rsOw_0_BLMTHjn1sqB-90laEQM15HrhiWghEWyIZceozajaya86AWamfR99WRF61goT8FVQ5nuAK49UgdTZl3sk3hQABNz8goSEYEbFSPfytYLIUUq2xCdWmBTBhN9hF1o3mgSuWDiOmb-ToWCd8TKHduTVIc1S6skVRoleyGXU8HklGS_sVazqmKUkaCbu5P7nykO8uoU5aIwokdREraXPfEZt9lanh29LpyWoCM_8DhTkRi1P-lmFbBisQUIGPl1thffB_Zphin3D4vnKdCAYDkKTR5R3i7dnlvkNsIIxtRerEpRdkLLrOqoh7rSruFcYyAvZRDV5Yk3aMjF_sEI_kIVFchea_CYDEcvwym66p4grEJCgOx2iEHTK2ezdJLYdTH_slocGI6uhhrDYs0ptgSojIy9HjYcFlVxqneJsXyCkg4FFNVslXQmBflCo9FJKYLg8kwHsNjEq9U1MgFpVaSg2ZvVY-Ey05rrnjheQ1R4pHuunXwS0CbTtQhdpx9RcI4fhQw_1ITnU9TU-DsCgCUp0Es0k2Fhm6I_NTNzkCRKhoCKB-pEzJnF0osjs6jxg3NGLhc4Lxz_zaHS6MON1o_iyGHwonhvUoMknQ03BO-uS1dDaHia4K8Nn3i7EIa4RgI5OAfo0glGEZVeiXS20T6_PgY2B9x3PSukFpMRQai7agc51sUIOaqlgAAEB4sjPoz4Bl5_Bi4MhxlAl1-Isa-yPsluQ7dhoqzzKW2p0BijJFuTetoFQ9-M0T3LGpH3NEQ1cAPAX1kdgQjXpWFuugQcMqmIcHp0-6GbIOFYItnbEo4hjNXlki04GGDYfrHms2zDJUr_3zDJqqQua3lTs0_TH5DSDbTS0TooN3WWJU5SFrdwJslYgXuKGwwi60cwDPZnTLliwoXdnkMQbjs_Yi9AUVD0doLtC1d6KaxhvXzQyNUz6_I-Pj6f7-424Ppk3hETs9-psUukKQIGdcwuzxH3m_iHjfQGCPxrB5rochvAHEmr6hDuhx26FHzVyA3bfR47ZhV129axca0sduq11U7DfL_2phUAYMTsUQnOM6aXU6KpYdI_qSg8EMCO5xBxFBtbpNmEoz9X-zAVhjSq9p1ARUcVV70DJY0uATxZfi7eyFrIubk42e0CfbjN9erXC0EvypXyOQaJkgcSB6DYi0Ez9eNsxTkIwIH9XZLonDYoOlku1V4LN1-wCHHxpfTbdZDcomSy9nbkFT5Ir1DZf83RxACpbCacQoftM3lywZiF-XMFFq_jG-ce3VUTwqs8dt-HmwMcouhr6cO9umAOUjyMBukYrTemeYV7wuOyGPkPyuJ9N35-8vzZ6RhaeVI3PEzOEEEDOR01oKsAn8LSLuSjuz5FGdJ7ZpXzcMgoTV770Q4PW2E4S1AMl2maH_PNBV0KJIy2wuZGlAyOpjCJNooEg5djHqLW_LIZ22-AjX371AeyD_2ehLqxbQdeQ7x83TK8VyZKwYXfFYO4yyIVqgh0ssopPg_1b3SCJB4SbEUW5WVi_uYyWPsjDtuzfh9IUVrYJnbQ7iwpRPMsjdDVRurBfPHo062dEJyXIc7VeNIEsEOb3m0bBfY1h45hL0TX81-OhWIHkk-FZXYWiiaf-8u4kK7jnQvW86fNqm5sXIJ20HNRVF82Qcjgzj8DAHfJon3NB0oC1j5owzYg1V-7tnvrz5teeplybwIjcRoWGC_UzhDl8GcC-K0YTVyBu0kYVFTkx-MipCjHMNAWYpdXXPhSGwmCzh1ad_TcPms_Z70w0BW1Pw96k52kq4vbpVaM1HEz9SF2UDT1hB0qnqN7BjsGuFLJ7wxiWtOqjpK18JlmSX3ubLCbUdeRKoNj3I02C51MPdzQDeRZs5hlSPbkd2G1qLYSrn6YR8YTIALLjFeojt2bha1f1nyRqabAZWn1UMvDP8TA4OYfU1ukQLlf2nVeDgXfTJFvdq1QhjbQjbpX1N1TSWwhGBZyMbl-GgvNlSpyZAIsGsNBnovw4INy7n8e8JjLxYzoe6UngjmqJYiNvpNlbD2BW6NpEwMRHPwNtA9RJ19hS-DjXfkAcrqPTNC_i6E291PPnt8LTaID7nw5yospO6HyIZSHRDwGsZ3K0YqIsmAsoci94vRLk8loWcJJNKx435N4vqaQ5WHd5-Lq24Sh8c2Cu8V75qzrFKE2z8V0m2WX7wtfsGF1OgPiaO5jhj8Grv7pJWZPOIkGOlRWlTA2M2g7vnWMJmC9Kzchz8MM2tB6-IeE2QNCOES3bQsF-047YkzzD8Xq2ywgNLDnup-mwVLp6RfGzGTsodeRF7LjwRQR5O87sIVD7x9WxCEXXn-_jLYYlt2fs3CWm5uoDN9wOu7jDTKSBgfcsxs2LbgiVYal5JT0pbn6nFxw61V6bKipXts951PFg4WeJHmLxwJL7JM4swqz9oMmMQ-WaRRX4igdQaQrkfhnIm7P6_YmlP2ARzBL_-ZUQxXBlhO1QgnBZw4JXNvfWg6YbsV67xxZpyc170uwwR6mwyhZPlcqW7mYt-U7UOz0Lxqn9ADNPq2h0vYKSPCfMOmQixSaDsY-dGaX6DGhw449t-DIAI6XSKp0BHhV300hu7nIn7RckrpDCSGqJnP8NDgzrja4nFSbdG2TrDKhwReWNkdjs0jniNaSz1dfyuqWc0DJRxsnNBeAzR4-iSXi3oBrRzgH870qddh4X-21jhgjfdqeS_zYIas9QZ17Q_2F-Ijqy_W8Tha0zvHJyoqPn58uyXBwJKEefrZKaL0kRU3Q_4ZWcH2L4jK4f__FrEVjYwWzNRZ1DFH2HhGJ0HNO92o9yVcsWpuWPbwWGrmPmF0Te1KNdbEOX6ZC1n5Vig5zxhrbZgxlVwYaRZFX1j8SNSGVIELoPoX5HSBinq4WajHeZoJoDlqAsI5ykltiUFv3uynsIF3EvsH1nzWmmEyQRD5BPnemOe-iYFvd3DAwYlpblBST4-3Vf0gxB2yq6xTKXUNXBXNmv9k5WvCYssSWzwsXzdvBpPxVQpcCVWsiTnk4e3fMJS3ap2AaphbdYXDh_pi8FZEQ-6hKvg1rUa2esO649LPOna6EzLuPJib4_XqYe8r1Lt3_WvbZSNjO40ndme4oGj-5SzCQSpDZusUl4EHQ4EibB-DGlvXP2yWUSh9hlhOQjRm3cDQczbWt-GOtMkssHajNQ_iFGcBv6FtadjqfAkMVJ1qKQMfxSpR0YnD_P0r41hLysP41tm4JHkdvHtCRNQn4qTBBAEDafFcQccSsaLaKluiXQq6Ks7tgKGOBDq55tTLlcdbpBiQVNfII3HGg2BQRCb95xH86IyHUau6EnJ0bFjFSJG6NsJmIKCpofJB_lLT40YJK56HE8T5zRN8T5Pum22kHwvAO-V3ra9p9vEtEYxNQbrqSup02XnloMfv3jKxhaNskdeH48GmbrAYvjKAg8Wleo0ZRoypGWnEBU5vnD-9PnXh2PCWGoS_p6dcB6_0xMA4g-ClyPuFO11hCTFrcUzk-xWNCE-UFkvnqA9RKRdm8zruiRq5JA-a_t75ic4RZYlRlbQZBW6WdqTP4Ul38tinMK-9AZao3YsgU0i2sAuoW_PqPT5P9ed&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178882679780352&eclog=0&im=1 HTTP/1.1
Host: 12ezo5v60.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=24042512445f15a9328e014b0593e6b50e83
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 17:44:24 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACl2VgAAAAAAAAAB; Path=/; Expires=Sat, 25 May 2024 17:44:24 GMT; Secure; SameSite=None
OACIBLOCK=ACl2VgAAAABmKeNQ; Path=/; Expires=Sat, 25 May 2024 17:44:24 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| adsco.re/p | 162.252.214.5 | 200 OK | 811 B |
IP162.252.214.5:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File typeASCII text, with very long lines (1020), with no line terminators Hash16212938ecc98661488e72d77e3032aa 285a5cdb7055cb407204443d531903efcbcee087 ebf4428bf5f9871c1c547ba4b59c7fad3f43a1adb77f93e6d6a62e7552e024e0
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1678
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 17:44:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| uixtw4qhc8cv.l4.adsco.re/ | 185.200.118.51 | 200 OK | 0 B |
URL POST HTTP/2uixtw4qhc8cv.l4.adsco.re/ IP185.200.118.51:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subject*.l4.adsco.re FingerprintB2:51:02:63:F4:E6:E7:3A:98:79:B7:C5:F8:81:EC:E8:79:B9:BC:22 ValidityFri, 19 Apr 2024 09:12:52 GMT - Thu, 18 Jul 2024 09:12:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: uixtw4qhc8cv.l4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:25 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 02 Jun 2023 14:03:32 GMT
etag: "6479f6b4-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| s3t3d2y8.afcdn.net/images/close-icon-circle.png | 185.76.9.15 | 200 OK | 405 B |
URL GET HTTP/2s3t3d2y8.afcdn.net/images/close-icon-circle.png IP185.76.9.15:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectafcdn.net FingerprintCE:9F:A3:7C:BF:E1:80:9C:11:75:38:23:E8:D2:50:1A:E4:48:37:77 ValidityTue, 27 Feb 2024 16:27:12 GMT - Mon, 27 May 2024 16:27:11 GMT
File typePNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced Hashbc8bf5d1633e548e9a178bf29be30b7b bd290b6eabd73d2c95db053620797503e9178484 94f575abdb5c45476f9c2b62bbe06fbfacce9d25e95796ffcd07680bd7c6c0bb
GET /images/close-icon-circle.png HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:25 GMT
content-type: image/png
content-length: 405
last-modified: Tue, 25 Oct 2022 11:33:38 GMT
etag: "6357c992-195"
expires: Fri, 27 Oct 2023 07:10:07 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBuUwJDQH348WKAQ
x-77-nzt-ray: c0a4cc2899f36dd179962a66b027162d
x-accel-expires: @1719731222
x-accel-date: 1688195222
x-cache: HIT
x-age: 25871843
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 25871843
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12OQU4DMQxFr8IFZvTt2Imna9YggThAJpOKTemiXRTJh8eZCgTkKdK3/W19BssEmVgfKB1EDsy+0LxgFp5JxZ+eX1zI62mr7+fLdW7nk4uYKLktCOUETpTZlbNIhivMlUoxwE2zmsWQ1JMjYE0iQ80AG2dYXsLEVLzA314f90+D4gm4sSKKEcMZLqFx2w/lLLUxN+HVCiyu1E2K1iOJ1p6G8W9s3JnBGqmdvxvBNMyJJHGEiwff2/Xy+dHcfxkH+rM6tv5P75h4cRIZHu+9aWkr94qjrNjWVtG36Oiq1jt9AesPsRqFAQAA | 95.211.229.248 | 200 OK | 20 B |
URL GET HTTP/1.1s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12OQU4DMQxFr8IFZvTt2Imna9YggThAJpOKTemiXRTJh8eZCgTkKdK3/W19BssEmVgfKB1EDsy+0LxgFp5JxZ+eX1zI62mr7+fLdW7nk4uYKLktCOUETpTZlbNIhivMlUoxwE2zmsWQ1JMjYE0iQ80AG2dYXsLEVLzA314f90+D4gm4sSKKEcMZLqFx2w/lLLUxN+HVCiyu1E2K1iOJ1p6G8W9s3JnBGqmdvxvBNMyJJHGEiwff2/Xy+dHcfxkH+rM6tv5P75h4cRIZHu+9aWkr94qjrNjWVtG36Oiq1jt9AesPsRqFAQAA IP95.211.229.248:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
File typegzip compressed data, max speed, from Unix Hasha4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA12OQU4DMQxFr8IFZvTt2Imna9YggThAJpOKTemiXRTJh8eZCgTkKdK3/W19BssEmVgfKB1EDsy+0LxgFp5JxZ+eX1zI62mr7+fLdW7nk4uYKLktCOUETpTZlbNIhivMlUoxwE2zmsWQ1JMjYE0iQ80AG2dYXsLEVLzA314f90+D4gm4sSKKEcMZLqFx2w/lLLUxN+HVCiyu1E2K1iOJ1p6G8W9s3JnBGqmdvxvBNMyJJHGEiwff2/Xy+dHcfxkH+rM6tv5P75h4cRIZHu+9aWkr94qjrNjWVtG36Oiq1jt9AesPsRqFAQAA HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22662a9676505666.596523382938577783%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 17:44:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12PS04DMRBEr8IFZlT98ydr1iCBOIDjmRGbkEWyCFIfnvZEIMBPLZW6q+0yg3WCTmwPJAfVA7NXmitm5ZlM/en5xZW8nZb2fr5c534+uWpRIy8VoZzAQondOKlacUMU5VwAr5KKwdjJXBwBm6gONQNccxVCNArn5Bn+9vq4FwXJBbixIfRI4QzX0Ljt96SkrTN35WPJKNVSWzRb20itrTKMf1Pjzkxac0z5uxFMwyykwpEtDnxvt8vnR3f/ZRzYz+rY+j+9U7LHG6rD4yuoZCFZK7XUau95gcWvN+GNjsxfDTCISIQBAAA= | 95.211.229.248 | 200 OK | 20 B |
URL GET HTTP/1.1s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12PS04DMRBEr8IFZlT98ydr1iCBOIDjmRGbkEWyCFIfnvZEIMBPLZW6q+0yg3WCTmwPJAfVA7NXmitm5ZlM/en5xZW8nZb2fr5c534+uWpRIy8VoZzAQondOKlacUMU5VwAr5KKwdjJXBwBm6gONQNccxVCNArn5Bn+9vq4FwXJBbixIfRI4QzX0Ljt96SkrTN35WPJKNVSWzRb20itrTKMf1Pjzkxac0z5uxFMwyykwpEtDnxvt8vnR3f/ZRzYz+rY+j+9U7LHG6rD4yuoZCFZK7XUau95gcWvN+GNjsxfDTCISIQBAAA= IP95.211.229.248:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
File typegzip compressed data, max speed, from Unix Hasha4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA12PS04DMRBEr8IFZlT98ydr1iCBOIDjmRGbkEWyCFIfnvZEIMBPLZW6q+0yg3WCTmwPJAfVA7NXmitm5ZlM/en5xZW8nZb2fr5c534+uWpRIy8VoZzAQondOKlacUMU5VwAr5KKwdjJXBwBm6gONQNccxVCNArn5Bn+9vq4FwXJBbixIfRI4QzX0Ljt96SkrTN35WPJKNVSWzRb20itrTKMf1Pjzkxac0z5uxFMwyykwpEtDnxvt8vnR3f/ZRzYz+rY+j+9U7LHG6rD4yuoZCFZK7XUau95gcWvN+GNjsxfDTCISIQBAAA= HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22662a9676505666.596523382938577783%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 17:44:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| s3t3d2y8.afcdn.net/library/448451/ee6568b37b61ea208c14fe485989a7efc14c184b.mp4 | 185.76.9.15 | 206 Partial Content | 52 kB |
URL GET HTTP/2s3t3d2y8.afcdn.net/library/448451/ee6568b37b61ea208c14fe485989a7efc14c184b.mp4 IP185.76.9.15:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectafcdn.net FingerprintCE:9F:A3:7C:BF:E1:80:9C:11:75:38:23:E8:D2:50:1A:E4:48:37:77 ValidityTue, 27 Feb 2024 16:27:12 GMT - Mon, 27 May 2024 16:27:11 GMT
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Hashaa7df9303c99187ae9be3deb397ee170 ee6568b37b61ea208c14fe485989a7efc14c184b b7c09ce82f1d4be68665bfd9caff5bef8010ffdb7f18741b6ade8b181d641d01
GET /library/448451/ee6568b37b61ea208c14fe485989a7efc14c184b.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
date: Thu, 25 Apr 2024 17:44:25 GMT
content-type: video/mp4
content-length: 51589
last-modified: Wed, 16 Aug 2023 20:47:01 GMT
etag: "64dd35c5-c985"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 15 Aug 2024 21:29:06 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBuUwJDQH39FVNAQ
x-77-nzt-ray: c0a4cc2899f36dd179962a66b9609a31
x-accel-expires: @1723757573
x-accel-date: 1692221573
x-cache: HIT
x-age: 21845492
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 21845492
content-range: bytes 0-51588/51589
X-Firefox-Spdy: h2
|
|
| s3t3d2y8.afcdn.net/library/448451/0859a1522aab8b8d9df300e5bfc12f77649456da.mp4 | 185.76.9.15 | 206 Partial Content | 33 kB |
URL GET HTTP/2s3t3d2y8.afcdn.net/library/448451/0859a1522aab8b8d9df300e5bfc12f77649456da.mp4 IP185.76.9.15:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectafcdn.net FingerprintCE:9F:A3:7C:BF:E1:80:9C:11:75:38:23:E8:D2:50:1A:E4:48:37:77 ValidityTue, 27 Feb 2024 16:27:12 GMT - Mon, 27 May 2024 16:27:11 GMT
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Hash2002cb88486c97f212033bf29860798f 0859a1522aab8b8d9df300e5bfc12f77649456da 446cda0fd72dec72e8c380769be2e4b99f3503a5fb3d17de18562d73ab37e3ea
GET /library/448451/0859a1522aab8b8d9df300e5bfc12f77649456da.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
date: Thu, 25 Apr 2024 17:44:25 GMT
content-type: video/mp4
content-length: 33207
last-modified: Fri, 01 Mar 2024 20:06:15 GMT
etag: "65e23537-81b7"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Sat, 01 Mar 2025 20:41:04 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EwwBuUwJDQH3AFlIAAwBuUwKEwH3GQAAAAgBisclwQGB
x-77-nzt-ray: c0a4cc2899f36dd179962a66d609af31
x-accel-expires: @1740861664
x-77-cache: HIT
x-accel-date: 1709325689
x-77-age: 4741376
server: CDN77-Turbo
x-cache: HIT
x-age: 4741376
x-77-pop: stockholmSE
content-range: bytes 0-33206/33207
X-Firefox-Spdy: h2
|
|
| s3t3d2y8.afcdn.net/library/438437/e45434c505ada298a44bac9be6f255dc7c5dc975.webp | 185.76.9.15 | 200 OK | 4.8 kB |
URL GET HTTP/2s3t3d2y8.afcdn.net/library/438437/e45434c505ada298a44bac9be6f255dc7c5dc975.webp IP185.76.9.15:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectafcdn.net FingerprintCE:9F:A3:7C:BF:E1:80:9C:11:75:38:23:E8:D2:50:1A:E4:48:37:77 ValidityTue, 27 Feb 2024 16:27:12 GMT - Mon, 27 May 2024 16:27:11 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp Hashb7450d4f8675563ffa588b165c6171f9 e45434c505ada298a44bac9be6f255dc7c5dc975 5a27919e0b2b69d401bee2a175a7727b1c0d010e9af652537615f7f954d38c9e
GET /library/438437/e45434c505ada298a44bac9be6f255dc7c5dc975.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:25 GMT
content-type: image/webp
content-length: 4752
last-modified: Fri, 03 Dec 2021 16:55:59 GMT
etag: "61aa4c1f-1290"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Mon, 18 Nov 2024 07:11:36 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EgwBuUwJDQH3pmgKAAwBuUwKAQH3q3jGAA
x-77-nzt-ray: c0a4cc2899f36dd179962a668cb26c32
x-accel-expires: @1731913896
x-accel-date: 1713384915
x-77-cache: HIT
x-77-age: 682150
server: CDN77-Turbo
x-cache: HIT
x-age: 682150
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12PTU4DMQyFr8IFZuSfZyfpmjVIIA6QmWnFpnTRLorkw+NMN0CeLOXnffGzkGAiTGJPrAfgIBKN50YzZGZDvLy+BTj6eeufl+ttXi/ngFZoidoIqMEkyi5h4ookjGq4WaNSo3kVt4ZgCw1KiSkwdjOlr1B8vD/vxSlIcJN7Vh5G5xCKhIPuO+uOvoqskKUWqs28byjWTwzrRx3Gv0kp01FmyH9YMbpyxkyf7GEemgamDJVMlotiv+7X76814pdxyHZUxzAD+//8EI9hGBieWLjAN1uaqvvKJ7dFq5fV+bgdZeEfhRI7nYMBAAA= | 95.211.229.248 | 200 OK | 20 B |
URL GET HTTP/1.1s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12PTU4DMQyFr8IFZuSfZyfpmjVIIA6QmWnFpnTRLorkw+NMN0CeLOXnffGzkGAiTGJPrAfgIBKN50YzZGZDvLy+BTj6eeufl+ttXi/ngFZoidoIqMEkyi5h4ookjGq4WaNSo3kVt4ZgCw1KiSkwdjOlr1B8vD/vxSlIcJN7Vh5G5xCKhIPuO+uOvoqskKUWqs28byjWTwzrRx3Gv0kp01FmyH9YMbpyxkyf7GEemgamDJVMlotiv+7X76814pdxyHZUxzAD+//8EI9hGBieWLjAN1uaqvvKJ7dFq5fV+bgdZeEfhRI7nYMBAAA= IP95.211.229.248:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
File typegzip compressed data, max speed, from Unix Hasha4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA12PTU4DMQyFr8IFZuSfZyfpmjVIIA6QmWnFpnTRLorkw+NMN0CeLOXnffGzkGAiTGJPrAfgIBKN50YzZGZDvLy+BTj6eeufl+ttXi/ngFZoidoIqMEkyi5h4ookjGq4WaNSo3kVt4ZgCw1KiSkwdjOlr1B8vD/vxSlIcJN7Vh5G5xCKhIPuO+uOvoqskKUWqs28byjWTwzrRx3Gv0kp01FmyH9YMbpyxkyf7GEemgamDJVMlotiv+7X76814pdxyHZUxzAD+//8EI9hGBieWLjAN1uaqvvKJ7dFq5fV+bgdZeEfhRI7nYMBAAA= HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22662a9676505666.596523382938577783%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 17:44:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| img.cdn.house/i/1/mLglPGX4bQpOMaB-uCmplZVDmqvxkoQYrdzGc3dMPsLQuR6LEddPc4rcaKhP7uVtM4947iVV3Apwi9xuurrMB8yJ8R-ekf4l0vurN1X2QJH077jXr355HdylyjMT_6vRdE1w-AcNXqZA0v7UA0oraqiuDewwgFl-W2oBGIUURMhDTAxsxhmRaGcbx5H5r7ZrTSNBMeHnJ9wYIYf4vuxauYtnuBQAl1H8SPKTkDWQvDPFaZIfrkxF56hmCrAerCnyrvC1prR-MUbRibh981fk4sMVgkZt2AmJ-qwIGqT0xH57VoDHer8ZCsPPCPiBG7gucfSh-E8-e-TFI2DVWEXl7l5O9sO9k5S23pBdbbUj6EHRpM9O6XH2ga9GiHGnGZhSCr5pLuoj9SVERrwd8aKYb4yPU5yrauWTn3yodI1AcKiUuBGG7xPE0ICgD52sTGryiCEmnEzTMa4fPuA9fzlmjSbdaHw38IfD5rx1cB5mo_nZ7iGsweiLCyiMh4y_Yqutx6yCHhCbZOOBdOKe3RA8cSm0AjsMJL9HC_WcKEWoSVc-OziznFO3Xt7TuBGOEMSwtQn44I20NHjRoG365yPFtL_2Q8yZiqyl3cy4nTCLmZbrow== | 176.9.147.61 | 307 Temporary Redirect | 0 B |
URL GET HTTP/2img.cdn.house/i/1/mLglPGX4bQpOMaB-uCmplZVDmqvxkoQYrdzGc3dMPsLQuR6LEddPc4rcaKhP7uVtM4947iVV3Apwi9xuurrMB8yJ8R-ekf4l0vurN1X2QJH077jXr355HdylyjMT_6vRdE1w-AcNXqZA0v7UA0oraqiuDewwgFl-W2oBGIUURMhDTAxsxhmRaGcbx5H5r7ZrTSNBMeHnJ9wYIYf4vuxauYtnuBQAl1H8SPKTkDWQvDPFaZIfrkxF56hmCrAerCnyrvC1prR-MUbRibh981fk4sMVgkZt2AmJ-qwIGqT0xH57VoDHer8ZCsPPCPiBG7gucfSh-E8-e-TFI2DVWEXl7l5O9sO9k5S23pBdbbUj6EHRpM9O6XH2ga9GiHGnGZhSCr5pLuoj9SVERrwd8aKYb4yPU5yrauWTn3yodI1AcKiUuBGG7xPE0ICgD52sTGryiCEmnEzTMa4fPuA9fzlmjSbdaHw38IfD5rx1cB5mo_nZ7iGsweiLCyiMh4y_Yqutx6yCHhCbZOOBdOKe3RA8cSm0AjsMJL9HC_WcKEWoSVc-OziznFO3Xt7TuBGOEMSwtQn44I20NHjRoG365yPFtL_2Q8yZiqyl3cy4nTCLmZbrow== IP176.9.147.61:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectimg.cdn.house Fingerprint98:AC:05:29:31:CD:6B:03:04:7D:9B:28:08:AA:B1:09:56:1A:CA:30 ValidityThu, 21 Mar 2024 10:50:12 GMT - Wed, 19 Jun 2024 10:50:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /i/1/mLglPGX4bQpOMaB-uCmplZVDmqvxkoQYrdzGc3dMPsLQuR6LEddPc4rcaKhP7uVtM4947iVV3Apwi9xuurrMB8yJ8R-ekf4l0vurN1X2QJH077jXr355HdylyjMT_6vRdE1w-AcNXqZA0v7UA0oraqiuDewwgFl-W2oBGIUURMhDTAxsxhmRaGcbx5H5r7ZrTSNBMeHnJ9wYIYf4vuxauYtnuBQAl1H8SPKTkDWQvDPFaZIfrkxF56hmCrAerCnyrvC1prR-MUbRibh981fk4sMVgkZt2AmJ-qwIGqT0xH57VoDHer8ZCsPPCPiBG7gucfSh-E8-e-TFI2DVWEXl7l5O9sO9k5S23pBdbbUj6EHRpM9O6XH2ga9GiHGnGZhSCr5pLuoj9SVERrwd8aKYb4yPU5yrauWTn3yodI1AcKiUuBGG7xPE0ICgD52sTGryiCEmnEzTMa4fPuA9fzlmjSbdaHw38IfD5rx1cB5mo_nZ7iGsweiLCyiMh4y_Yqutx6yCHhCbZOOBdOKe3RA8cSm0AjsMJL9HC_WcKEWoSVc-OziznFO3Xt7TuBGOEMSwtQn44I20NHjRoG365yPFtL_2Q8yZiqyl3cy4nTCLmZbrow== HTTP/1.1
Host: img.cdn.house
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
server: nginx
date: Thu, 25 Apr 2024 17:44:25 GMT
content-length: 0
location: https://s-img.adskeeper.com/g/12578249/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvMTAxOTI0LzMyMzBiMjgxMzdkZDEzZDYyMTc5NzBjYzU2ZDdjNDNmLmpwZWc.webp?v=1714067062-rzGRNtinAkmMg_uw7ygmLRuXHiUvHcq4XgSMbsIfGRg
X-Firefox-Spdy: h2
|
|
| uixtw4qhc8cv.s4.adsco.re/ | 185.200.116.51 | 200 OK | 0 B |
URL POST HTTP/2uixtw4qhc8cv.s4.adsco.re/ IP185.200.116.51:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subject*.s4.adsco.re Fingerprint6C:EA:F6:8F:57:34:25:F9:39:76:98:E0:61:B8:C8:86:AD:CC:68:0A ValidityFri, 19 Apr 2024 09:12:40 GMT - Thu, 18 Jul 2024 09:12:39 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: uixtw4qhc8cv.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:25 GMT
content-type: text/html
content-length: 0
last-modified: Tue, 03 Oct 2023 13:29:59 GMT
etag: "651c1757-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=161855 | 157.90.84.242 | 204 No Content | 0 B |
URL OPTIONS HTTP/1.1fp.metricswpsh.com/fp?tag_id=161855 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=161855 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Thu, 25 Apr 2024 17:44:26 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.amdahost.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
|
|
| 70b25fad84.ecaecc3e17.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIzNzUwMDU5MDA0MjMwNjcwMzAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjAiLCJ0YWdfaWQiOjE2MTg1NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjozLjI5LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 | 45.133.44.53 | 200 OK | 0 B |
URL GET HTTP/270b25fad84.ecaecc3e17.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIzNzUwMDU5MDA0MjMwNjcwMzAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjAiLCJ0YWdfaWQiOjE2MTg1NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjozLjI5LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subject70b25fad84.ecaecc3e17.com FingerprintFE:23:54:AE:9D:F5:3E:7B:A3:9D:DA:6F:CC:59:5D:24:23:E3:13:0B ValidityMon, 22 Apr 2024 02:50:24 GMT - Sun, 21 Jul 2024 02:50:23 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIzNzUwMDU5MDA0MjMwNjcwMzAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjAiLCJ0YWdfaWQiOjE2MTg1NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjozLjI5LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 HTTP/1.1
Host: 70b25fad84.ecaecc3e17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:26 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 96b600f50a.a0e351a3aa.com/b060992ef1ff518f404c2b251a45c688.js | 45.133.44.53 | 200 OK | 28 kB |
URL GET HTTP/296b600f50a.a0e351a3aa.com/b060992ef1ff518f404c2b251a45c688.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subject96b600f50a.a0e351a3aa.com FingerprintAD:AF:F1:6D:B3:03:A9:36:49:20:2F:CC:29:B3:F0:E6:2D:A0:EA:6D ValidityMon, 22 Apr 2024 02:20:27 GMT - Sun, 21 Jul 2024 02:20:26 GMT
File typegzip compressed data, from Unix Hash06016e710e993ce05aed3eb9c12b5826 bbd9c6ab453873cce770bfc0d30862cd1db6fb26 8c38f1cded5182b77564276d9f91f6ba13c5e2fe6c6448d5b673250cc88b3ff1
GET /b060992ef1ff518f404c2b251a45c688.js HTTP/1.1
Host: 96b600f50a.a0e351a3aa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:26 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 14:24:01 GMT
etag: W/"661e8a01-17ae8"
content-encoding: gzip
expires: Thu, 25 Apr 2024 17:49:26 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| xadsmart.com/ccmafqvddmvevekhjeb?YOPhoKVt=BQLyAAAAAAAACZUAArOu4-28i6QBJpGXT7Baw6Jz7_L4w4BEU8HqDqAOuQItYrRXHzEUw4xKL-4PGLDMCAGIyIImqC5z8VYkt-2ZVvpCNrXda7P7BoMPh3HpG4WvUm4eTTVzl9Op5y847aYuxtUULh4CysWqBKjCrH60qpm_NIDq5lch-ZooS4qlZi401X9Pnp0p0qDJY7MOX9S2oCaspGlckT0ayUt8Uys6BfGE5YgA6_McqilOlQzoKoBHbGd52nqf_mfgOYeU_g6lweuPaay5y1I_IpWWmKfhJ__Z_Q2WH-RbCV5_7k8U8d0-GkJrV_XuO4GFntTnYxPRiQeafk0hjtXdqWqidE-4E4_sU_pjzBR8TOd6u_n-rV1RJXKywqh1sb989i5-536cJC3rUYaxakijQKnya_JB5vHwb9BJtaeSuHBESqfMRobnrEIn2tx3e3VYtX91tu62pvRW_XHh421No_rwh2klFmIFoUrQEWCq20dNG2SXVcxiAg0kbGqn-XqtYoCZ87iaPVdj7vcCWL8AN7TFyEAQ5ivS0Y_wjXP-PHtO2WeXAj3pqPTCG_JzKQ1Q6bMyTqucZEbcTe29JcDDf99KK7hGFT8mHrxpiwwSKVtMiCIPgRv5UQ2oYtf17_D3qp3vbn84-4XaiED2vhSzSvEvK4o3ldad5lArgMgt7EZtXfX8M1_cE7scP1jJemGMDhC5RXl9A6gY6w9cJ1OLTAjSkF0u6pfl71Qxxd35nCrFowxflQMS0eP7x8mMpEIL16jBnLLpZe6Lw65TQKDJPWA_z5-_j9JuuWGZj-08zcJtkXrxnkK1YdtVgRbKQ85ve7u7y5n3C2EIYMD8DOiLdp3MQD6rw7autpjPLGX-IBHaR5rpkp9UTh3NkPQqAexEvXxULnyhNpHnM0CFfd7sBhtFy6AxPoF-CG_RTshV0WB7fbtHtG3fNon2xDWR4RLNyzyL0NUvsoaQ2wOhnZ0n6GziPgPBqFYnEO7dKV2E74z4-EiiGdCo&VjbiyKFO=4&IKHyiYBX=5085941&adZKufBH=0.001&qAFmDbBt=0,0&hXmcJsBp=&UHzxbETs=&s=1280,1024,1,1280,1024,0 | 104.153.197.251 | 200 OK | 44 B |
URL GET HTTP/2xadsmart.com/ccmafqvddmvevekhjeb?YOPhoKVt=BQLyAAAAAAAACZUAArOu4-28i6QBJpGXT7Baw6Jz7_L4w4BEU8HqDqAOuQItYrRXHzEUw4xKL-4PGLDMCAGIyIImqC5z8VYkt-2ZVvpCNrXda7P7BoMPh3HpG4WvUm4eTTVzl9Op5y847aYuxtUULh4CysWqBKjCrH60qpm_NIDq5lch-ZooS4qlZi401X9Pnp0p0qDJY7MOX9S2oCaspGlckT0ayUt8Uys6BfGE5YgA6_McqilOlQzoKoBHbGd52nqf_mfgOYeU_g6lweuPaay5y1I_IpWWmKfhJ__Z_Q2WH-RbCV5_7k8U8d0-GkJrV_XuO4GFntTnYxPRiQeafk0hjtXdqWqidE-4E4_sU_pjzBR8TOd6u_n-rV1RJXKywqh1sb989i5-536cJC3rUYaxakijQKnya_JB5vHwb9BJtaeSuHBESqfMRobnrEIn2tx3e3VYtX91tu62pvRW_XHh421No_rwh2klFmIFoUrQEWCq20dNG2SXVcxiAg0kbGqn-XqtYoCZ87iaPVdj7vcCWL8AN7TFyEAQ5ivS0Y_wjXP-PHtO2WeXAj3pqPTCG_JzKQ1Q6bMyTqucZEbcTe29JcDDf99KK7hGFT8mHrxpiwwSKVtMiCIPgRv5UQ2oYtf17_D3qp3vbn84-4XaiED2vhSzSvEvK4o3ldad5lArgMgt7EZtXfX8M1_cE7scP1jJemGMDhC5RXl9A6gY6w9cJ1OLTAjSkF0u6pfl71Qxxd35nCrFowxflQMS0eP7x8mMpEIL16jBnLLpZe6Lw65TQKDJPWA_z5-_j9JuuWGZj-08zcJtkXrxnkK1YdtVgRbKQ85ve7u7y5n3C2EIYMD8DOiLdp3MQD6rw7autpjPLGX-IBHaR5rpkp9UTh3NkPQqAexEvXxULnyhNpHnM0CFfd7sBhtFy6AxPoF-CG_RTshV0WB7fbtHtG3fNon2xDWR4RLNyzyL0NUvsoaQ2wOhnZ0n6GziPgPBqFYnEO7dKV2E74z4-EiiGdCo&VjbiyKFO=4&IKHyiYBX=5085941&adZKufBH=0.001&qAFmDbBt=0,0&hXmcJsBp=&UHzxbETs=&s=1280,1024,1,1280,1024,0 IP104.153.197.251:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerSectigo Limited Subjectxadsmart.com FingerprintFC:E8:BA:57:31:46:6D:51:70:B5:42:35:6E:CF:97:6F:AF:38:C5:58 ValidityMon, 14 Aug 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hashd5f0a25e4d3522d56d48ce7bc3e518fb 86794caff58f7fee6e684c2ba7195f970a8d6f4c 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /ccmafqvddmvevekhjeb?YOPhoKVt=BQLyAAAAAAAACZUAArOu4-28i6QBJpGXT7Baw6Jz7_L4w4BEU8HqDqAOuQItYrRXHzEUw4xKL-4PGLDMCAGIyIImqC5z8VYkt-2ZVvpCNrXda7P7BoMPh3HpG4WvUm4eTTVzl9Op5y847aYuxtUULh4CysWqBKjCrH60qpm_NIDq5lch-ZooS4qlZi401X9Pnp0p0qDJY7MOX9S2oCaspGlckT0ayUt8Uys6BfGE5YgA6_McqilOlQzoKoBHbGd52nqf_mfgOYeU_g6lweuPaay5y1I_IpWWmKfhJ__Z_Q2WH-RbCV5_7k8U8d0-GkJrV_XuO4GFntTnYxPRiQeafk0hjtXdqWqidE-4E4_sU_pjzBR8TOd6u_n-rV1RJXKywqh1sb989i5-536cJC3rUYaxakijQKnya_JB5vHwb9BJtaeSuHBESqfMRobnrEIn2tx3e3VYtX91tu62pvRW_XHh421No_rwh2klFmIFoUrQEWCq20dNG2SXVcxiAg0kbGqn-XqtYoCZ87iaPVdj7vcCWL8AN7TFyEAQ5ivS0Y_wjXP-PHtO2WeXAj3pqPTCG_JzKQ1Q6bMyTqucZEbcTe29JcDDf99KK7hGFT8mHrxpiwwSKVtMiCIPgRv5UQ2oYtf17_D3qp3vbn84-4XaiED2vhSzSvEvK4o3ldad5lArgMgt7EZtXfX8M1_cE7scP1jJemGMDhC5RXl9A6gY6w9cJ1OLTAjSkF0u6pfl71Qxxd35nCrFowxflQMS0eP7x8mMpEIL16jBnLLpZe6Lw65TQKDJPWA_z5-_j9JuuWGZj-08zcJtkXrxnkK1YdtVgRbKQ85ve7u7y5n3C2EIYMD8DOiLdp3MQD6rw7autpjPLGX-IBHaR5rpkp9UTh3NkPQqAexEvXxULnyhNpHnM0CFfd7sBhtFy6AxPoF-CG_RTshV0WB7fbtHtG3fNon2xDWR4RLNyzyL0NUvsoaQ2wOhnZ0n6GziPgPBqFYnEO7dKV2E74z4-EiiGdCo&VjbiyKFO=4&IKHyiYBX=5085941&adZKufBH=0.001&qAFmDbBt=0,0&hXmcJsBp=&UHzxbETs=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: xadsmart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
popads-node: wb9
access-control-allow-origin: *
asf: 6
cache-control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0
pragma: no-cache
set-cookie: PP_CV=yes; expires=Thu, 25 Apr 2024 18:44:26 GMT; Max-Age=3600
fraudcheck=eb5f5ee46a9b0b2389595889b45240f4; expires=Sat, 25 May 2024 17:44:26 GMT; Max-Age=2592000; path=/; domain=.popads.net
popads-ec: 5
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Thu, 25 Apr 2024 17:44:26 GMT
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 64.233.161.84 | 302 Found | 0 B |
URL GET HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP64.233.161.84:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectaccounts.google.com Fingerprint24:73:6B:52:47:71:E2:CB:E3:4E:89:44:4B:29:D9:F4:C2:A0:F1:14 ValidityMon, 08 Apr 2024 07:33:55 GMT - Mon, 01 Jul 2024 07:33:54 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:iRXQcmnlt0VklEyvQIYh7QLDOK31hg:a0KRtffLDYh6WDqi; Expires=Sat, 25-Apr-2026 17:44:26 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 25 Apr 2024 17:44:26 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzYUnJea1HwsOkAK4FKd-4hjEL2NDrNSQaRE3o5PFZ1b3HkBXGl1uMRA_Wzc8o5xzH1GV4mDA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-_Lxtou9s5oqjQ_Jmbl-UhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzYUnJea1HwsOkAK4FKd-4hjEL2NDrNSQaRE3o5PFZ1b3HkBXGl1uMRA_Wzc8o5xzH1GV4mDA | 64.233.161.84 | 302 Found | 428 B |
URL GET HTTP/2accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzYUnJea1HwsOkAK4FKd-4hjEL2NDrNSQaRE3o5PFZ1b3HkBXGl1uMRA_Wzc8o5xzH1GV4mDA IP64.233.161.84:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectaccounts.google.com Fingerprint24:73:6B:52:47:71:E2:CB:E3:4E:89:44:4B:29:D9:F4:C2:A0:F1:14 ValidityMon, 08 Apr 2024 07:33:55 GMT - Mon, 01 Jul 2024 07:33:54 GMT
File typeHTML document, ASCII text, with very long lines (404) Hash905a77a2944708a7fa3083f697ba4634 b1378c9a39669e165d6b7a542c289bffabcd255e b3e9df7f59c529a9a5de71f75c316451585a8a29b4ec56353889adccf9d3c6ef
GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzYUnJea1HwsOkAK4FKd-4hjEL2NDrNSQaRE3o5PFZ1b3HkBXGl1uMRA_Wzc8o5xzH1GV4mDA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:QxdC4b5WF4eio-OIiaTPAlbuA99Bdg:RySwroU5dM-JzC0d;Path=/;Expires=Sat, 25-Apr-2026 17:44:26 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 25 Apr 2024 17:44:26 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwK23TZHZSzKRoBlqX0Zuxj8qO7TRyp-rcjtX5FuW6R1Zz8nn7smk1mEA7sApMwKdf_jU9HlQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S268644693%3A1714067066784516&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-o6ayARFiEVrYsZWS2pSEeQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 428
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/get/ | 94.130.197.240 | 200 OK | 6.4 kB |
IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint53:1A:81:DB:A5:78:D8:1D:93:BF:BA:0F:71:6B:43:8D:3F:33:58:D1 ValidityFri, 01 Mar 2024 09:39:36 GMT - Thu, 30 May 2024 09:39:35 GMT
Hasha89d185d9d27c564303cc133f4122856 c3ff1fad7e8d64117b903d0edee4ce54c6db18af d3ca74cee03af1d4ebd4f9c1d50295372d731dc338c958c9d8cd16ce4de9a547
POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1408
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.16.0
date: Thu, 25 Apr 2024 17:44:27 GMT
content-type: application/json
content-length: 6409
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 96b600f50a.a0e351a3aa.com/d7ff2f66a5c3df345a93e5789dd2c3ff.js | 45.133.44.53 | 200 OK | 110 kB |
URL GET HTTP/296b600f50a.a0e351a3aa.com/d7ff2f66a5c3df345a93e5789dd2c3ff.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subject96b600f50a.a0e351a3aa.com FingerprintAD:AF:F1:6D:B3:03:A9:36:49:20:2F:CC:29:B3:F0:E6:2D:A0:EA:6D ValidityMon, 22 Apr 2024 02:20:27 GMT - Sun, 21 Jul 2024 02:20:26 GMT
File typegzip compressed data, from Unix Size110 kB (110447 bytes) Hash2dc0fffb896bd1aacef0e67c376abc1b e3b26ed5e2047a6e8b0ddeff35d412dabaecbcae d8727061eb4c56c52e0bb878c756f65774716a2e179edb38755f455b9aed45f2
GET /d7ff2f66a5c3df345a93e5789dd2c3ff.js HTTP/1.1
Host: 96b600f50a.a0e351a3aa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:31 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 12:49:54 GMT
etag: W/"661e73f2-72c69"
content-encoding: gzip
expires: Thu, 25 Apr 2024 17:49:31 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| nereserv.com/in/dip?site=native-push&wl=1&event_id=31841fd3-ed95-4ff7-b77f-3b3ba55144e1&subid=1511354673&sid=30492605&spot_id=529500&created_at=2024-04-25&timezone=0&ver=8.159.0&is_native=1 | 167.235.163.216 | 200 OK | 0 B |
URL GET HTTP/2nereserv.com/in/dip?site=native-push&wl=1&event_id=31841fd3-ed95-4ff7-b77f-3b3ba55144e1&subid=1511354673&sid=30492605&spot_id=529500&created_at=2024-04-25&timezone=0&ver=8.159.0&is_native=1 IP167.235.163.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=31841fd3-ed95-4ff7-b77f-3b3ba55144e1&subid=1511354673&sid=30492605&spot_id=529500&created_at=2024-04-25&timezone=0&ver=8.159.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 25 Apr 2024 17:44:31 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| ef919a7d9f.30f6a0aa8e.com/in/multy | 157.90.84.246 | 200 OK | 0 B |
URL POST HTTP/2ef919a7d9f.30f6a0aa8e.com/in/multy IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subject30f6a0aa8e.com Fingerprint16:29:00:E5:6C:60:6C:43:65:A5:C4:9B:4C:95:FF:C8:99:55:70:92 ValiditySun, 21 Apr 2024 14:01:53 GMT - Sat, 20 Jul 2024 14:01:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /in/multy HTTP/1.1
Host: ef919a7d9f.30f6a0aa8e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.20.1
date: Thu, 25 Apr 2024 17:44:31 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 64.233.161.84 | 302 Found | 0 B |
URL GET HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP64.233.161.84:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectaccounts.google.com Fingerprint24:73:6B:52:47:71:E2:CB:E3:4E:89:44:4B:29:D9:F4:C2:A0:F1:14 ValidityMon, 08 Apr 2024 07:33:55 GMT - Mon, 01 Jul 2024 07:33:54 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:Klr9TZTLvLfMNKOZMuDUMlCYXujDtg:M8NT6hZewwPmZxcJ; Expires=Sat, 25-Apr-2026 17:44:31 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 25 Apr 2024 17:44:31 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQxko43jn2tYqOJ92chBxcLzVlpzf5it3fH4SH98dlhyp4tYwMGpG_tAg5m1ptubdWCt1OdwdA
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-NVHRD280KbT8EaOBPUBjMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQxko43jn2tYqOJ92chBxcLzVlpzf5it3fH4SH98dlhyp4tYwMGpG_tAg5m1ptubdWCt1OdwdA | 64.233.161.84 | 302 Found | 423 B |
URL GET HTTP/3accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQxko43jn2tYqOJ92chBxcLzVlpzf5it3fH4SH98dlhyp4tYwMGpG_tAg5m1ptubdWCt1OdwdA IP64.233.161.84:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1 ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
File typeHTML document, ASCII text, with very long lines (404) Hash39d6f7821b1dfd443f9ddef85682b64f 3293b23497f94790ad04f677c38f41f13c26ab73 2c06d1d6ab87578c3f1f90c4430c2e6c90ccfd4da94ad208c5a9559bfff7b12d
GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQxko43jn2tYqOJ92chBxcLzVlpzf5it3fH4SH98dlhyp4tYwMGpG_tAg5m1ptubdWCt1OdwdA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:MoTntHJBSfgourx0Iqy5V4fbEAoCzw:wVo8Dy89HqXMVPwl;Path=/;Expires=Sat, 25-Apr-2026 17:44:31 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 25 Apr 2024 17:44:31 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzcfuW-EUCf3WU7kEFiqx5zCNWY1gvEDwkMXTXlYHrszVsxKs0MhdhtDz6H09KeAUNBkOe2kw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S234899743%3A1714067071667033&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-GLGNVwEiRmMc_34odDyQsw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 423
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ef919a7d9f.30f6a0aa8e.com/in/multy | 157.90.84.246 | 200 OK | 3.2 kB |
URL POST HTTP/2ef919a7d9f.30f6a0aa8e.com/in/multy IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subject30f6a0aa8e.com Fingerprint16:29:00:E5:6C:60:6C:43:65:A5:C4:9B:4C:95:FF:C8:99:55:70:92 ValiditySun, 21 Apr 2024 14:01:53 GMT - Sat, 20 Jul 2024 14:01:52 GMT
Hashdaef51e952196b288435911df80707d9 69a6d8d89c6d5234ee0e05f7145971ab2811b7b7 4d48e44f64e3fff7f6a581c044bf02de79b1226004b0174c580726e9e2e13b72
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /in/multy HTTP/1.1
Host: ef919a7d9f.30f6a0aa8e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2170
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 25 Apr 2024 17:44:31 GMT
content-type: application/json
content-length: 3151
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ef919a7d9f.30f6a0aa8e.com/in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D1283a8bb98&refdom=www.amdahost.com&auction_time=1714067071&subid=1511354673&sid=30492605&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-25&iabcat=IAB25-3&keywords=adult&user_fp=4218319003471198165&score=53.118653920107754&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D1283a8bb98%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D1283a8bb98%26idzone%3D0%26sid%3D1886&icons=kUi7k4lsloFHRPCkqnlsZOTCs7M9rFTWJFg0bom3vy70uXjthLyNu9856MFqQqjdkkHI8ETDMR4SPh672N5Oz6wwsJxSxExIeS4rnhwX7XFaowWUI7UfXVp-H3MjfwHQCfcD9Em53F5v7_Ij8tlqr3Od7zGvx08hVT-sbV-Z7CwD04V89Q&ext_cid=0&px_id=529500&min_cpm=0.021054736215847514&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=4331902294140526189&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.004089496846114166&cpm=0&verify_hash=d0b1a3f0394538141efe913c7a4bc70e&is_native=4&real_bid=0.0001934009538926644&original_bid_usd=0.000995723&original_bid=0.000995723&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,27,20,108,0&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.000995723&hostname=auc-inpage-hz-6-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000000995723&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.16&cpa=dad64914-c6df-4dba-98ab-177188768484&prev_step_diff=1016 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/2ef919a7d9f.30f6a0aa8e.com/in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D1283a8bb98&refdom=www.amdahost.com&auction_time=1714067071&subid=1511354673&sid=30492605&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-25&iabcat=IAB25-3&keywords=adult&user_fp=4218319003471198165&score=53.118653920107754&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D1283a8bb98%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D1283a8bb98%26idzone%3D0%26sid%3D1886&icons=kUi7k4lsloFHRPCkqnlsZOTCs7M9rFTWJFg0bom3vy70uXjthLyNu9856MFqQqjdkkHI8ETDMR4SPh672N5Oz6wwsJxSxExIeS4rnhwX7XFaowWUI7UfXVp-H3MjfwHQCfcD9Em53F5v7_Ij8tlqr3Od7zGvx08hVT-sbV-Z7CwD04V89Q&ext_cid=0&px_id=529500&min_cpm=0.021054736215847514&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=4331902294140526189&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.004089496846114166&cpm=0&verify_hash=d0b1a3f0394538141efe913c7a4bc70e&is_native=4&real_bid=0.0001934009538926644&original_bid_usd=0.000995723&original_bid=0.000995723&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,27,20,108,0&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.000995723&hostname=auc-inpage-hz-6-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000000995723&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.16&cpa=dad64914-c6df-4dba-98ab-177188768484&prev_step_diff=1016 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subject30f6a0aa8e.com Fingerprint16:29:00:E5:6C:60:6C:43:65:A5:C4:9B:4C:95:FF:C8:99:55:70:92 ValiditySun, 21 Apr 2024 14:01:53 GMT - Sat, 20 Jul 2024 14:01:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D1283a8bb98&refdom=www.amdahost.com&auction_time=1714067071&subid=1511354673&sid=30492605&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-25&iabcat=IAB25-3&keywords=adult&user_fp=4218319003471198165&score=53.118653920107754&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D1283a8bb98%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D1283a8bb98%26idzone%3D0%26sid%3D1886&icons=kUi7k4lsloFHRPCkqnlsZOTCs7M9rFTWJFg0bom3vy70uXjthLyNu9856MFqQqjdkkHI8ETDMR4SPh672N5Oz6wwsJxSxExIeS4rnhwX7XFaowWUI7UfXVp-H3MjfwHQCfcD9Em53F5v7_Ij8tlqr3Od7zGvx08hVT-sbV-Z7CwD04V89Q&ext_cid=0&px_id=529500&min_cpm=0.021054736215847514&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=4331902294140526189&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.004089496846114166&cpm=0&verify_hash=d0b1a3f0394538141efe913c7a4bc70e&is_native=4&real_bid=0.0001934009538926644&original_bid_usd=0.000995723&original_bid=0.000995723&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,27,20,108,0&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.000995723&hostname=auc-inpage-hz-6-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000000995723&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.16&cpa=dad64914-c6df-4dba-98ab-177188768484&prev_step_diff=1016 HTTP/1.1
Host: ef919a7d9f.30f6a0aa8e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 25 Apr 2024 17:44:32 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| ef919a7d9f.30f6a0aa8e.com/in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D1283a8bb98&refdom=www.amdahost.com&auction_time=1714067071&subid=1511354673&sid=30492605&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-25&iabcat=IAB25-3&keywords=adult&user_fp=4218319003471198165&score=53.118653920107754&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D1283a8bb98%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b9fd333d96713f0a77f0785f16a2be90&url=https%3A%2F%2Feu.histi.co%2Fnty%2Fpostback%2Fclick%3Fkey%3Dv2-1714067071551-7-9306-1192626-6e732be5-4c20-8c22-c6ae-42edaa801817&icons=P7DjxI7Jnu8V8gWypbjzgWiIY209IAdNr4nyqItlViqTeahPRRymb6rNEIcEw8E8W6oOxQKBMDU_rtKZzzL4QV8SuGVflZPRcL0fA-ElC-BvhDBgYMD7KqB3lI7VNjVcTxAQwUJadnfPeSebxvVh6_K9rZd9dUyl8KFEZyuZRwV_3Lo50L5loXBbocq4jZVWNRRHtdjMwBRQJ7bbNendRHU38XppYIExUBe3hkg84Fj1gaNp_m-0QNuGnz5wRVPtaYKePoZKA6dt9LIUXWcC8mOl4GkWezs8NbBO_VZhTdbD5Eo2s2E1MIzd--d6LaBRT3FBnZ_6&ext_cid=0&px_id=31529500&min_cpm=0.020894766262345762&out_id=0&campaign_type=mq&aid=3251&cid=12822&uniq=380318e90eb2394b12154d6745124b3e4152c951550738c45410d9a6191e9c83&mid=4331902294140526189&skin_id=2&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.010837663727208081&cpm=0&verify_hash=3c99747c7a603235b50c4e780c582a57&is_native=1&real_bid=0.0005164600026607486&original_bid_usd=0.00062&original_bid=0.00062&exp=240&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=101,106,4,5&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=1714139071&image_url=https%3A%2F%2Fcdn.amnew.net%2F177cbed865ace90cd245763dadef8805.jpeg&site=native-push-adult&price=0.00062&hostname=auc-inpage-hz-6-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00000062&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.16&cpa=4208115e-e57c-4b1e-9a88-170b78d9049b&prev_step_diff=1015 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/2ef919a7d9f.30f6a0aa8e.com/in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D1283a8bb98&refdom=www.amdahost.com&auction_time=1714067071&subid=1511354673&sid=30492605&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-25&iabcat=IAB25-3&keywords=adult&user_fp=4218319003471198165&score=53.118653920107754&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D1283a8bb98%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b9fd333d96713f0a77f0785f16a2be90&url=https%3A%2F%2Feu.histi.co%2Fnty%2Fpostback%2Fclick%3Fkey%3Dv2-1714067071551-7-9306-1192626-6e732be5-4c20-8c22-c6ae-42edaa801817&icons=P7DjxI7Jnu8V8gWypbjzgWiIY209IAdNr4nyqItlViqTeahPRRymb6rNEIcEw8E8W6oOxQKBMDU_rtKZzzL4QV8SuGVflZPRcL0fA-ElC-BvhDBgYMD7KqB3lI7VNjVcTxAQwUJadnfPeSebxvVh6_K9rZd9dUyl8KFEZyuZRwV_3Lo50L5loXBbocq4jZVWNRRHtdjMwBRQJ7bbNendRHU38XppYIExUBe3hkg84Fj1gaNp_m-0QNuGnz5wRVPtaYKePoZKA6dt9LIUXWcC8mOl4GkWezs8NbBO_VZhTdbD5Eo2s2E1MIzd--d6LaBRT3FBnZ_6&ext_cid=0&px_id=31529500&min_cpm=0.020894766262345762&out_id=0&campaign_type=mq&aid=3251&cid=12822&uniq=380318e90eb2394b12154d6745124b3e4152c951550738c45410d9a6191e9c83&mid=4331902294140526189&skin_id=2&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.010837663727208081&cpm=0&verify_hash=3c99747c7a603235b50c4e780c582a57&is_native=1&real_bid=0.0005164600026607486&original_bid_usd=0.00062&original_bid=0.00062&exp=240&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=101,106,4,5&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=1714139071&image_url=https%3A%2F%2Fcdn.amnew.net%2F177cbed865ace90cd245763dadef8805.jpeg&site=native-push-adult&price=0.00062&hostname=auc-inpage-hz-6-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00000062&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.16&cpa=4208115e-e57c-4b1e-9a88-170b78d9049b&prev_step_diff=1015 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subject30f6a0aa8e.com Fingerprint16:29:00:E5:6C:60:6C:43:65:A5:C4:9B:4C:95:FF:C8:99:55:70:92 ValiditySun, 21 Apr 2024 14:01:53 GMT - Sat, 20 Jul 2024 14:01:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D1283a8bb98&refdom=www.amdahost.com&auction_time=1714067071&subid=1511354673&sid=30492605&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-25&iabcat=IAB25-3&keywords=adult&user_fp=4218319003471198165&score=53.118653920107754&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D1283a8bb98%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b9fd333d96713f0a77f0785f16a2be90&url=https%3A%2F%2Feu.histi.co%2Fnty%2Fpostback%2Fclick%3Fkey%3Dv2-1714067071551-7-9306-1192626-6e732be5-4c20-8c22-c6ae-42edaa801817&icons=P7DjxI7Jnu8V8gWypbjzgWiIY209IAdNr4nyqItlViqTeahPRRymb6rNEIcEw8E8W6oOxQKBMDU_rtKZzzL4QV8SuGVflZPRcL0fA-ElC-BvhDBgYMD7KqB3lI7VNjVcTxAQwUJadnfPeSebxvVh6_K9rZd9dUyl8KFEZyuZRwV_3Lo50L5loXBbocq4jZVWNRRHtdjMwBRQJ7bbNendRHU38XppYIExUBe3hkg84Fj1gaNp_m-0QNuGnz5wRVPtaYKePoZKA6dt9LIUXWcC8mOl4GkWezs8NbBO_VZhTdbD5Eo2s2E1MIzd--d6LaBRT3FBnZ_6&ext_cid=0&px_id=31529500&min_cpm=0.020894766262345762&out_id=0&campaign_type=mq&aid=3251&cid=12822&uniq=380318e90eb2394b12154d6745124b3e4152c951550738c45410d9a6191e9c83&mid=4331902294140526189&skin_id=2&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.010837663727208081&cpm=0&verify_hash=3c99747c7a603235b50c4e780c582a57&is_native=1&real_bid=0.0005164600026607486&original_bid_usd=0.00062&original_bid=0.00062&exp=240&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=101,106,4,5&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=1714139071&image_url=https%3A%2F%2Fcdn.amnew.net%2F177cbed865ace90cd245763dadef8805.jpeg&site=native-push-adult&price=0.00062&hostname=auc-inpage-hz-6-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00000062&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.16&cpa=4208115e-e57c-4b1e-9a88-170b78d9049b&prev_step_diff=1015 HTTP/1.1
Host: ef919a7d9f.30f6a0aa8e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 25 Apr 2024 17:44:32 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.16&cpa=12cb16ce-eec6-4889-bfb2-fe54ccf826e8&prev_step_diff=1016 | 45.133.44.25 | 200 OK | 486 B |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.16&cpa=12cb16ce-eec6-4889-bfb2-fe54ccf826e8&prev_step_diff=1016 IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hashceeb4e8840c24621c0e0352b42b38a5b 03cbceb0134a39267014595938705e2916580644 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.16&cpa=12cb16ce-eec6-4889-bfb2-fe54ccf826e8&prev_step_diff=1016 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:32 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Fri, 25 Apr 2025 17:44:32 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp | 45.133.44.25 | 200 OK | 1.1 kB |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp Hash2a11e13b2bd67bb9a6cb347d7c73df13 b85460a33f9b229f42c08a6a94ae433a4d5c32ab 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:32 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Fri, 25 Apr 2025 17:44:32 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzcfuW-EUCf3WU7kEFiqx5zCNWY1gvEDwkMXTXlYHrszVsxKs0MhdhtDz6H09KeAUNBkOe2kw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S234899743%3A1714067071667033&theme=mn&ddm=0 | 64.233.161.84 | 403 Forbidden | 805 B |
URL GET HTTP/3accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzcfuW-EUCf3WU7kEFiqx5zCNWY1gvEDwkMXTXlYHrszVsxKs0MhdhtDz6H09KeAUNBkOe2kw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S234899743%3A1714067071667033&theme=mn&ddm=0 IP64.233.161.84:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1 ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (1644), with no line terminators Hash66d28a6e47d445812f44d53f5c19d19c edf1d5c88e9d819f0890f757eea1c97f4c2ba0d0 b536c1ffda75ab35ff759583bfa0863e9407d3973b0b67dc24896cdbf6062a28
GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzcfuW-EUCf3WU7kEFiqx5zCNWY1gvEDwkMXTXlYHrszVsxKs0MhdhtDz6H09KeAUNBkOe2kw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S234899743%3A1714067071667033&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 25 Apr 2024 17:44:31 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-IUbS8e293y1jPiid0uCTJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdn.amnew.net/177cbed865ace90cd245763dadef8805.jpeg | 5.200.15.239 | 200 OK | 9.7 kB |
URL GET HTTP/2cdn.amnew.net/177cbed865ace90cd245763dadef8805.jpeg IP5.200.15.239:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subject*.amnew.net FingerprintD9:73:05:EC:E9:FC:0A:5E:1F:2A:E0:A1:97:85:C1:47:E8:5A:AB:5C ValidityMon, 04 Mar 2024 23:09:10 GMT - Sun, 02 Jun 2024 23:09:09 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 192x192, components 3 Hashf07b88c140f142daf3380ca5db89569f 68aab26e7cac791e3c32bae94936a8fab9ad6140 ed396a8b566062db242d91aeed803417659597fbe01ca1344da65df74aca352b
GET /177cbed865ace90cd245763dadef8805.jpeg HTTP/1.1
Host: cdn.amnew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
content-length: 9703
etag: "f07b88c140f142daf3380ca5db89569f"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.amnew.net/177cbed865ace90cd245763dadef8805.webp | 5.200.15.239 | 200 OK | 6.2 kB |
URL GET HTTP/2cdn.amnew.net/177cbed865ace90cd245763dadef8805.webp IP5.200.15.239:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subject*.amnew.net FingerprintD9:73:05:EC:E9:FC:0A:5E:1F:2A:E0:A1:97:85:C1:47:E8:5A:AB:5C ValidityMon, 04 Mar 2024 23:09:10 GMT - Sun, 02 Jun 2024 23:09:09 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp Hash2dcd22f07881fbbd9f2a218284bb1a1b 2d75753a7f23a3b8a276093040f42909a09dd63a 578d83ab1eb928cb3bdaf9868db4aa49802f174f97cfa821d00c7061c7e8dd9b
GET /177cbed865ace90cd245763dadef8805.webp HTTP/1.1
Host: cdn.amnew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 6236
etag: "2dcd22f07881fbbd9f2a218284bb1a1b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/videos/1714066230_1cddd735980e4877.mp4 | 172.67.183.69 | 206 Partial Content | 3.1 MB |
URL GET HTTP/3www.amdahost.com/videos/1714066230_1cddd735980e4877.mp4 IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Size3.1 MB (3078740 bytes) Hash4d2bbf62e63e5cd8908a4d1257b63c4c 4571b29141da10bd4e9716823c26284b029ab310 585efa4aa0ab6b2b4f73bf4d6487eefe3b4a442ddbcca63056b8b8eeb5853010
GET /videos/1714066230_1cddd735980e4877.mp4 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=322797568-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=1283a8bb98
Cookie: PHPSESSID=a0a6904e6ea86a3024e98ed93509187e
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Thu, 25 Apr 2024 17:44:34 GMT
content-type: video/mp4
content-length: 3078740
last-modified: Thu, 25 Apr 2024 17:36:05 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
content-range: bytes 322797568-325876307/325876308
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2vkQz5o97mQFbmdFzC9QRGe%2FiPZMG48fvigdcRIRJ%2FxsAKjZywI8PUEQau6%2BEaYfwRoa6B47C3bTZK48mWP40hhmV%2F%2BhFl5Wkt3Dl2S9wiIUD6XsUxtcx1vsF8A9r0nwJV3O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a024065a11b50f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/cdn-cgi/rum? | 172.67.183.69 | 204 No Content | 0 B |
URL POST HTTP/3www.amdahost.com/cdn-cgi/rum? IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1088
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=1283a8bb98
Cookie: PHPSESSID=a0a6904e6ea86a3024e98ed93509187e; cf_clearance=SYliCKRwvSumtnF02Xk0k5OHLejfdJXCPWSoh0akz4c-1714067063-1.0.1.1-9GdC5X8FMSDEIw22UgO44ouG_8l_3xdGF14EftZ7PUfGaskfAuK4Ha9gh14ofBdDWG7dhoCKUiWQDiVBW4qb3w; a=hfurBR5r6Kkg6J3cexKdhvRUyRG3TkFf; zone-cap-5263454=1; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BQLyAAAAAAAACZUAArOu4-28i6QBJpGXT7Baw6Jz7_L4w4BEU8HqDqAOuQItYrRXHzEUw4xKL-4PGLDMCAGIyIImqC5z8VYkt-2ZVvpCNrXda7P7BoMPh3HpG4WvUm4eTTVzl9Op5y847aYuxtUULh4CysWqBKjCrH60qpm_NIDq5lch-ZooS4qlZi401X9Pnp0p0qDJY7MOX9S2oCaspGlckT0ayUt8Uys6BfGE5YgA6_McqilOlQzoKoBHbGd52nqf_mfgOYeU_g6lweuPaay5y1I_IpWWmKfhJ__Z_Q2WH-RbCV5_7k8U8d0-GkJrV_XuO4GFntTnYxPRiQeafk0hjtXdqWqidE-4E4_sU_pjzBR8TOd6u_n-rV1RJXKywqh1sb989i5-536cJC3rUYaxakijQKnya_JB5vHwb9BJtaeSuHBESqfMRobnrEIn2tx3e3VYtX91tu62pvRW_XHh421No_rwh2klFmIFoUrQEWCq20dNG2SXVcxiAg0kbGqn-XqtYoCZ87iaPVdj7vcCWL8AN7TFyEAQ5ivS0Y_wjXP-PHtO2WeXAj3pqPTCG_JzKQ1Q6bMyTqucZEbcTe29JcDDf99KK7hGFT8mHrxpiwwSKVtMiCIPgRv5UQ2oYtf17_D3qp3vbn84-4XaiED2vhSzSvEvK4o3ldad5lArgMgt7EZtXfX8M1_cE7scP1jJemGMDhC5RXl9A6gY6w9cJ1OLTAjSkF0u6pfl71Qxxd35nCrFowxflQMS0eP7x8mMpEIL16jBnLLpZe6Lw65TQKDJPWA_z5-_j9JuuWGZj-08zcJtkXrxnkK1YdtVgRbKQ85ve7u7y5n3C2EIYMD8DOiLdp3MQD6rw7autpjPLGX-IBHaR5rpkp9UTh3NkPQqAexEvXxULnyhNpHnM0CFfd7sBhtFy6AxPoF-CG_RTshV0WB7fbtHtG3fNon2xDWR4RLNyzyL0NUvsoaQ2wOhnZ0n6GziPgPBqFYnEO7dKV2E74z4-EiiGdCo; _popprepop=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Thu, 25 Apr 2024 17:44:35 GMT
access-control-allow-origin: https://www.amdahost.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87a02454e851b50f-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| www.amdahost.com/cdn-cgi/rum? | 172.67.183.69 | 204 No Content | 0 B |
URL POST HTTP/3www.amdahost.com/cdn-cgi/rum? IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 520
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=1283a8bb98
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 204 No Content
date: Thu, 25 Apr 2024 17:44:46 GMT
access-control-allow-origin: https://www.amdahost.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87a0249b98dab50f-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| www.amdahost.com/media/apple-touch-icon.png | 172.67.183.69 | 200 OK | 40 kB |
URL GET HTTP/3www.amdahost.com/media/apple-touch-icon.png IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typePNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced Hash3a0b8d799ca52ea360286be206ff8fb3 2dc98f04f62990a7ab58494b8cc4c9d34f88d82b a18a7554000483027f4297e642dd6ffa175ee4028844be6e7888cd31c165972d
GET /media/apple-touch-icon.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=1283a8bb98
Cookie: PHPSESSID=a0a6904e6ea86a3024e98ed93509187e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:23 GMT
content-type: image/png
content-length: 40332
last-modified: Sun, 17 Mar 2024 20:29:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6801
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jsk76lr6T5%2Bk0fL%2BgvQtePVPVeFbg%2B8n%2FEk%2FpSyOCZxvN26zyt%2Fy8PjFlVAW7ZpL2Yk%2BTdiXf3jDLJKEOOroWzGT0IJZC5wPTO5nJlvKGfFoTNf2cyd6fwFXL3gLrdHxwz2Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a02407dbd8b50f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| storage.multstorage.com/log/count.html | 104.21.30.242 | 200 OK | 882 B |
URL GET HTTP/2storage.multstorage.com/log/count.html IP104.21.30.242:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectmultstorage.com Fingerprint63:F0:24:29:21:22:E5:42:33:61:B5:20:05:1B:EF:36:81:F5:7B:0A ValiditySun, 17 Mar 2024 08:38:54 GMT - Sat, 15 Jun 2024 08:38:53 GMT
File typeHTML document, ASCII text, with very long lines (919), with no line terminators Hash053b1fe641da8057571d40ebaf1624ab 09b2648b7d08c84621298f0b939cea5170a65022 6606334874a3edb8295831f41d3684433e4553ffe0a72e58c90926e00f39c6a4
GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:26 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: 78e912bdee6df726c7f358d1ad94496c
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WOeCYP%2BekBxGeanBXyIqQzYA2VXm8gogajtE6BF5rtCbhyFg7Kx63aMRDhffHf78Zll9wPXOwCx2Un29OKYm1DpH4C9k6qbNcdqgv6Da%2F2yhTnzD%2Bgg7YMlBUbiAmnMqC5oc2qksJKxQlg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a0241aad9cb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 | 104.16.79.73 | 200 OK | 19 kB |
URL GET HTTP/2static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 IP104.16.79.73:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectcloudflareinsights.com Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00 ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT
File typeJavaScript source, ASCII text, with very long lines (19261), with no line terminators Hash3be93fd15d2f7dee2fc0c8981c6fa5c6 8cd88c36fad3e96641dbc4d781f5ddbe5123312f 17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee
GET /beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:21 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.0"
last-modified: Tue, 23 Apr 2024 12:12:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a023fc7ed17127-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| eu.histi.co/nty/metrics/save.img?event=impressions&bid-id=v2-1714067071551-7-9306-1192626-6e732be5-4c20-8c22-c6ae-42edaa801817&img=https%3A%2F%2Fcdn.amnew.net%2F177cbed865ace90cd245763dadef8805.webp&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.16&cpa=610b03b5-0d82-4977-9a8d-0b4803f3bb12&prev_step_diff=1015 | 5.200.15.239 | 302 Found | 6.2 kB |
URL GET HTTP/2eu.histi.co/nty/metrics/save.img?event=impressions&bid-id=v2-1714067071551-7-9306-1192626-6e732be5-4c20-8c22-c6ae-42edaa801817&img=https%3A%2F%2Fcdn.amnew.net%2F177cbed865ace90cd245763dadef8805.webp&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.16&cpa=610b03b5-0d82-4977-9a8d-0b4803f3bb12&prev_step_diff=1015 IP5.200.15.239:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subject*.histi.co Fingerprint51:39:7B:2D:18:05:A3:98:5B:95:1C:3D:12:30:8E:67:0C:09:03:2E ValidityTue, 05 Mar 2024 23:08:27 GMT - Mon, 03 Jun 2024 23:08:26 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nty/metrics/save.img?event=impressions&bid-id=v2-1714067071551-7-9306-1192626-6e732be5-4c20-8c22-c6ae-42edaa801817&img=https%3A%2F%2Fcdn.amnew.net%2F177cbed865ace90cd245763dadef8805.webp&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.16&cpa=610b03b5-0d82-4977-9a8d-0b4803f3bb12&prev_step_diff=1015 HTTP/1.1
Host: eu.histi.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty/1.21.4.1
date: Thu, 25 Apr 2024 17:44:32 GMT
content-length: 0
location: https://cdn.amnew.net/177cbed865ace90cd245763dadef8805.webp
X-Firefox-Spdy: h2
|
|
| www.xadsmart.com/PDgMwm/xJSLite.min.js | 185.76.9.18 | 200 OK | 37 kB |
URL GET HTTP/2www.xadsmart.com/PDgMwm/xJSLite.min.js IP185.76.9.18:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subject1376341044.rsc.cdn77.org Fingerprint9E:BC:DC:BC:06:2C:01:7D:11:A9:9F:DB:DC:7A:40:7B:9F:8F:B5:F8 ValidityTue, 20 Feb 2024 02:39:34 GMT - Mon, 20 May 2024 02:39:33 GMT
File typeJavaScript source, ASCII text, with very long lines (1568) Hashd7dbed577604f50549a63b03bfa18401 1b5458668c7aecbee06b22b21ff6be9a96794393 8a336c5e8047e5d1ec3ace133f6312b27670d7b3d8f30d32b7a611f0a7714860
GET /PDgMwm/xJSLite.min.js HTTP/1.1
Host: www.xadsmart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:22 GMT
content-type: application/x-javascript
vary: Accept-Encoding, Origin
popads-node: wb9
expires: Sat, 27 Apr 2024 00:15:03 GMT
access-control-allow-origin: https://www.amdahost.com
link: <https://xadsmart.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EwwBuUwJDQH3xowHAAwBuUwKDAH3mAAAAAwBJRPCLgH3EQAAAA
x-77-nzt-ray: c0a4cc2870ee756876962a66d5b7fa00
x-accel-expires: @1714176903
x-accel-date: 1713572272
x-77-cache: HIT
x-77-age: 494790
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 494790
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| 96b600f50a.a0e351a3aa.com/db0d47e1b9df736087d413834daa80c9/161855?version_name=c | 45.133.44.53 | 200 OK | 2.4 kB |
URL GET HTTP/296b600f50a.a0e351a3aa.com/db0d47e1b9df736087d413834daa80c9/161855?version_name=c IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subject96b600f50a.a0e351a3aa.com FingerprintAD:AF:F1:6D:B3:03:A9:36:49:20:2F:CC:29:B3:F0:E6:2D:A0:EA:6D ValidityMon, 22 Apr 2024 02:20:27 GMT - Sun, 21 Jul 2024 02:20:26 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2744), with no line terminators Hash57ed9e8789c799ac1c0cb88a331fc507 9499433765f97a3c779b7bd8bb0c6d61001bbe70 23725421b5fecd31ac898b0c3b41b8d7dfef35d750da060be73c3d6350b3e5ca
GET /db0d47e1b9df736087d413834daa80c9/161855?version_name=c HTTP/1.1
Host: 96b600f50a.a0e351a3aa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:22 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
expires: Thu, 25 Apr 2024 17:49:22 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| cdn.tailwindcss.com/ | 104.22.21.144 | 302 Found | 366 kB |
IP104.22.21.144:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerCloudflare, Inc. Subjecttailwindcss.com Fingerprint5F:87:FB:92:D4:93:DA:09:E3:5B:EF:92:CE:2F:47:18:3A:8A:C7:49 ValidityTue, 07 Nov 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT
Size366 kB (365681 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 25 Apr 2024 17:44:21 GMT
cache-control: max-age=14400
location: /3.4.3
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::mzrwh-1714066264104-e415339acf19
cf-cache-status: HIT
age: 539
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a023fbaa4356ab-OSL
X-Firefox-Spdy: h2
|
|
| cdn.fluidplayer.com/v3/current/fluidplayer.min.js | 185.76.9.22 | 200 OK | 233 kB |
URL GET HTTP/2cdn.fluidplayer.com/v3/current/fluidplayer.min.js IP185.76.9.22:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectfluidplayer.com FingerprintCD:21:BA:85:8A:CA:A4:37:0F:0A:BD:F7:50:25:DA:75:9E:D3:FB:76 ValidityMon, 26 Feb 2024 13:51:53 GMT - Sun, 26 May 2024 13:51:52 GMT
File typeJavaScript source, ASCII text, with very long lines (65463) Size233 kB (232616 bytes) Hash9829e8e730a9125e695789512d85177a e20a0d55ab1722ef3ad13741a2b8975413d43909 7c38ede4727de973827091514a83d24a039bda1d0d4cac219eb20571a2cc3698
GET /v3/current/fluidplayer.min.js HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:21 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:13 GMT
etag: W/"65fc34c1-38ca8"
expires: Fri, 22 Mar 2024 21:42:05 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3phkBAAwBuUwKDAH3AAAAAAwBJRPCMQH3AAAAAA
x-77-nzt-ray: af585630c7fdd20a75962a660ac1200a
x-accel-expires: @1714081359
x-accel-date: 1713994959
x-77-cache: HIT
x-77-age: 72102
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 72102
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| news-galuzo.cc/process.js?id=1222898310&p1=sub1&p2=sub2&p3=sub3&p4=sub4 | 144.76.106.61 | 200 OK | 27 kB |
URL GET HTTP/2news-galuzo.cc/process.js?id=1222898310&p1=sub1&p2=sub2&p3=sub3&p4=sub4 IP144.76.106.61:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subject*.news-galuzo.cc Fingerprint29:96:67:1F:2C:DD:23:45:EA:5F:11:0B:F4:0B:E7:D5:0D:C3:D1:FB ValidityMon, 15 Apr 2024 08:11:44 GMT - Sun, 14 Jul 2024 08:11:43 GMT
File typeJavaScript source, ASCII text, with very long lines (26456) Hash50fb9471f3e0a5e4e1fe718446bdd9eb ca36cbc7b9e5fe15b56da0900682135a32fcaa4c d80287e07b9a3fd394883f2698e3f3c50ebf54421e54ed9d8e9c2644c8121b49
GET /process.js?id=1222898310&p1=sub1&p2=sub2&p3=sub3&p4=sub4 HTTP/1.1
Host: news-galuzo.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 17:44:21 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2 | 216.58.207.227 | 200 OK | 13 kB |
URL GET HTTP/2fonts.gstatic.com/s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2 IP216.58.207.227:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 13184, version 1.0 Hash37b12babb3bd0f9d9587cc8ca89a19b9 49cfe5b31144493cec4f21dc63fb2f1051061b45 73351bb42cb7827d0cd08c5d5832140700139b86eb6dd9a49047017924cb3ed0
GET /s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:40:57 GMT
expires: Fri, 25 Apr 2025 02:40:57 GMT
cache-control: public, max-age=31536000
age: 54204
last-modified: Wed, 27 Sep 2023 15:40:27 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 12ezo5v60.com/get/2020090?zoneid=2020090&jp=_clo07peu7iwly1k4574nip&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178882679780352&eclog=0&im=1&freq=0&uf=0 | 212.117.190.202 | 200 OK | 14 kB |
URL GET HTTP/212ezo5v60.com/get/2020090?zoneid=2020090&jp=_clo07peu7iwly1k4574nip&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178882679780352&eclog=0&im=1&freq=0&uf=0 IP212.117.190.202:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerBuypass AS-983163327 Subject FingerprintDB:57:32:8B:71:3B:E2:BC:8C:B1:94:D1:8A:25:4E:EE:A7:BA:C5:59 ValidityTue, 09 Jan 2024 13:35:13 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeASCII text, with very long lines (13931), with no line terminators Hash4d02f38152615ceb3e4342d11fdf96f3 5faa286f215e930ed7f83103a6fe938e2c1d912a 87c3f8ba46533c2aea4b5eec52083c4e54db32baf286bb825c9846b6b24558f9
GET /get/2020090?zoneid=2020090&jp=_clo07peu7iwly1k4574nip&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178882679780352&eclog=0&im=1&freq=0&uf=0 HTTP/1.1
Host: 12ezo5v60.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 17:44:22 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Thu, 29 May 2025 17:44:22 GMT; Secure; SameSite=None
UID=24042512445f15a9328e014b0593e6b50e83; Path=/; Expires=Thu, 29 May 2025 17:44:22 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Comic+Neue&display=swap | 142.250.74.106 | 200 OK | 420 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Comic+Neue&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeASCII text, with very long lines (429), with no line terminators Hash75f97bdeb174d8b64c2078ceff6726a3 beb63d63eb0398c4e6f15b6f2ad83c9fd7ef272d 0dd00245b771e2aada55e76fe50ee64c186e9413f70b1fc54da284a2cab024c6
GET /css2?family=Comic+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 17:44:21 GMT
date: Thu, 25 Apr 2024 17:44:21 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwK23TZHZSzKRoBlqX0Zuxj8qO7TRyp-rcjtX5FuW6R1Zz8nn7smk1mEA7sApMwKdf_jU9HlQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S268644693%3A1714067066784516&theme=mn&ddm=0 | 64.233.161.84 | 403 Forbidden | 0 B |
URL GET HTTP/3accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwK23TZHZSzKRoBlqX0Zuxj8qO7TRyp-rcjtX5FuW6R1Zz8nn7smk1mEA7sApMwKdf_jU9HlQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S268644693%3A1714067066784516&theme=mn&ddm=0 IP64.233.161.84:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1 ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwK23TZHZSzKRoBlqX0Zuxj8qO7TRyp-rcjtX5FuW6R1Zz8nn7smk1mEA7sApMwKdf_jU9HlQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S268644693%3A1714067066784516&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 25 Apr 2024 17:44:26 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: script-src 'nonce-przpXARL15_NROYIPMQMJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| a.magsrv.com/ad-provider.js | 185.76.9.15 | 200 OK | 165 kB |
URL GET HTTP/2a.magsrv.com/ad-provider.js IP185.76.9.15:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
File typeJavaScript source, ASCII text, with very long lines (34846) Size165 kB (164895 bytes) Hasheb15e779d412d3391d2aae19aa7755d3 e85e090c7bd1847e2936d843e14e9f8b38cea47d 7d4f4482a232632c2c8aa4d37adcd5fb14e9fe2d707ae067df0d87596a2c6c9e
GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:21 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"e85e090c7bd1847e2936d843e14"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Wed, 24 Apr 2024 18:06:10 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3ASUAAAwBuUwKAQH3EQAAAAwBJRPCNAH3BAAAAA
x-77-nzt-ray: c0a4cc2899f3074d75962a667484873a
x-accel-expires: @1714068388
x-accel-date: 1714057588
x-77-cache: HIT
x-77-age: 9473
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 9473
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Archivo+Black&display=swap | 142.250.74.106 | 200 OK | 819 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Archivo+Black&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeASCII text, with very long lines (837), with no line terminators Hashfa0b91b21b81c25b4d2bb89c6d9d84fb 1788d71d75cf429352999edca5573800814aba3f 5385a711b1675e90eb76b002d80f1c53e71449889caf26b5ee6ec34f3df23fa7
GET /css2?family=Archivo+Black&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 17:44:21 GMT
date: Thu, 25 Apr 2024 17:44:21 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ku42hjr2e.com/get/2020088?zoneid=2020088&jp=_cln3igs7wrtztz4f8n13gh&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1801182959243776&eclog=0&im=1&uf=0 | 212.117.190.201 | 200 OK | 2.9 kB |
URL GET HTTP/2ku42hjr2e.com/get/2020088?zoneid=2020088&jp=_cln3igs7wrtztz4f8n13gh&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1801182959243776&eclog=0&im=1&uf=0 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerBuypass AS-983163327 Subject Fingerprint15:EC:3A:52:11:EC:ED:35:8E:60:38:E6:CC:79:A7:3E:A3:5B:B6:62 ValidityTue, 09 Jan 2024 12:43:23 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeASCII text, with very long lines (3259), with no line terminators Hashb2bada5d9b3aefc34944ffbe35d5248b 7db3d2ae3d882a455ce3ebcf93a3ceb71318a4f1 3224ac478aee6a826b425ca29a960d829c460ee43fded002bc3a278becc25469
GET /get/2020088?zoneid=2020088&jp=_cln3igs7wrtztz4f8n13gh&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1801182959243776&eclog=0&im=1&uf=0 HTTP/1.1
Host: ku42hjr2e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 17:44:22 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Thu, 29 May 2025 17:44:22 GMT; Secure; SameSite=None
UID=2404251244ee121bb856dc46569c27d0f696; Path=/; Expires=Thu, 29 May 2025 17:44:22 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| 12ezo5v60.com/bultykh/ipp24/7/bazinga/2020090 | 212.117.190.202 | 200 OK | 158 kB |
URL GET HTTP/212ezo5v60.com/bultykh/ipp24/7/bazinga/2020090 IP212.117.190.202:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerBuypass AS-983163327 Subject FingerprintDB:57:32:8B:71:3B:E2:BC:8C:B1:94:D1:8A:25:4E:EE:A7:BA:C5:59 ValidityTue, 09 Jan 2024 13:35:13 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeJavaScript source, ASCII text, with very long lines (65107) Size158 kB (158045 bytes) Hash3dfaf38c2289e292cc712a7019b2d145 4ef2d477f159e89f5ce4954eb2a8fdb0a727b323 e40fa397a311e3027f5bf108f54ec3ac18a94ea259c061e49840843010d84994
GET /bultykh/ipp24/7/bazinga/2020090 HTTP/1.1
Host: 12ezo5v60.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 17:44:21 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-269a3"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| c.adsco.re/ | 104.17.166.186 | 200 OK | 82 kB |
IP104.17.166.186:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (689) Hasha0b475c65fed312aba8d7c43a0cbc928 3fdd052b41c37318e44084be4f92d42fba4ded61 2dfb2101b24f80be00b1baecce7eec815e61a13381f6983051b6261b8035468a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:24 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sun, 26 May 2024 17:44:24 GMT
etag: W/"oLR1xl/tMSq6jXxDoMvJKA=="
cf-cache-status: HIT
age: 600507
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a0240fcb6c0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/includes/update_visits.php | 172.67.183.69 | 200 OK | 0 B |
URL POST HTTP/3www.amdahost.com/includes/update_visits.php IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /includes/update_visits.php HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 54
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=1283a8bb98
Cookie: PHPSESSID=a0a6904e6ea86a3024e98ed93509187e; cf_clearance=SYliCKRwvSumtnF02Xk0k5OHLejfdJXCPWSoh0akz4c-1714067063-1.0.1.1-9GdC5X8FMSDEIw22UgO44ouG_8l_3xdGF14EftZ7PUfGaskfAuK4Ha9gh14ofBdDWG7dhoCKUiWQDiVBW4qb3w; a=hfurBR5r6Kkg6J3cexKdhvRUyRG3TkFf; zone-cap-5263454=1; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BQLyAAAAAAAACZUAArOu4-28i6QBJpGXT7Baw6Jz7_L4w4BEU8HqDqAOuQItYrRXHzEUw4xKL-4PGLDMCAGIyIImqC5z8VYkt-2ZVvpCNrXda7P7BoMPh3HpG4WvUm4eTTVzl9Op5y847aYuxtUULh4CysWqBKjCrH60qpm_NIDq5lch-ZooS4qlZi401X9Pnp0p0qDJY7MOX9S2oCaspGlckT0ayUt8Uys6BfGE5YgA6_McqilOlQzoKoBHbGd52nqf_mfgOYeU_g6lweuPaay5y1I_IpWWmKfhJ__Z_Q2WH-RbCV5_7k8U8d0-GkJrV_XuO4GFntTnYxPRiQeafk0hjtXdqWqidE-4E4_sU_pjzBR8TOd6u_n-rV1RJXKywqh1sb989i5-536cJC3rUYaxakijQKnya_JB5vHwb9BJtaeSuHBESqfMRobnrEIn2tx3e3VYtX91tu62pvRW_XHh421No_rwh2klFmIFoUrQEWCq20dNG2SXVcxiAg0kbGqn-XqtYoCZ87iaPVdj7vcCWL8AN7TFyEAQ5ivS0Y_wjXP-PHtO2WeXAj3pqPTCG_JzKQ1Q6bMyTqucZEbcTe29JcDDf99KK7hGFT8mHrxpiwwSKVtMiCIPgRv5UQ2oYtf17_D3qp3vbn84-4XaiED2vhSzSvEvK4o3ldad5lArgMgt7EZtXfX8M1_cE7scP1jJemGMDhC5RXl9A6gY6w9cJ1OLTAjSkF0u6pfl71Qxxd35nCrFowxflQMS0eP7x8mMpEIL16jBnLLpZe6Lw65TQKDJPWA_z5-_j9JuuWGZj-08zcJtkXrxnkK1YdtVgRbKQ85ve7u7y5n3C2EIYMD8DOiLdp3MQD6rw7autpjPLGX-IBHaR5rpkp9UTh3NkPQqAexEvXxULnyhNpHnM0CFfd7sBhtFy6AxPoF-CG_RTshV0WB7fbtHtG3fNon2xDWR4RLNyzyL0NUvsoaQ2wOhnZ0n6GziPgPBqFYnEO7dKV2E74z4-EiiGdCo; _popprepop=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:38 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CMk5tjuYW7vhThABjzTOk%2F824damPuEAYGzl3W7BwqKTVHwvrHi2Tk9aYD4O%2FF2uL6hqZWGTufTS7sv2SbU1mMDNDVmGMQEgl0EmR%2BeuMzuJtEULCl4NEXC8WHE71e04LwtM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024642f47b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg | 185.76.9.22 | 200 OK | 19 kB |
URL GET HTTP/2cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg IP185.76.9.22:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectfluidplayer.com FingerprintCD:21:BA:85:8A:CA:A4:37:0F:0A:BD:F7:50:25:DA:75:9E:D3:FB:76 ValidityMon, 26 Feb 2024 13:51:53 GMT - Sun, 26 May 2024 13:51:52 GMT
File typeSVG Scalable Vector Graphics image Hash805524b1fa0e091076d7afbf68e31133 ab696de0e85a7ce728cbe9b4131f5f4d528fb788 ad0276c58ec6a9875a2e1d39d972950763aac2e8f6262638d5868402ae2466fd
GET /v3/current/6aef4fee473c54e96ff8.svg HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:22 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:12 GMT
etag: W/"65fc34c0-4880"
expires: Fri, 22 Mar 2024 21:45:09 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH37hgBAAwBuUwKDAH3AAAAAAwBisclxAGzgVEBAA
x-77-nzt-ray: af585630c7fdd20a76962a668d354701
x-accel-expires: @1714081543
x-accel-date: 1713995144
x-77-cache: HIT
x-77-age: 71918
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 71918
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| cdn.pncloudfl.com/pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif | 104.22.58.221 | 200 OK | 143 kB |
URL GET HTTP/2cdn.pncloudfl.com/pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif IP104.22.58.221:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectcdn.pncloudfl.com Fingerprint74:12:B3:16:53:18:34:1F:1C:1F:C7:58:FE:87:06:72:9F:9E:27:E6 ValidityThu, 29 Feb 2024 00:47:39 GMT - Wed, 29 May 2024 00:47:38 GMT
File typeRIFF (little-endian) data, Web/P image Size143 kB (142898 bytes) Hasha3ef7f4652e064704fb9063bd2c44761 f83f6204fcc6dd4d51a6f737641961ca5a7ce1b3 ee156c275bc22e471034353c9756885a303aed35c194098a42e017d07b0d40a8
GET /pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:22 GMT
content-type: image/webp
content-length: 142898
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=367393
content-disposition: inline; filename="60e2ff94b54c66aa2f634b00630b994c2fe7936d.webp"
etag: 9fb78950119432648d8d5fb853c3eba4
expires: Fri, 26 Apr 2024 20:38:36 GMT
last-modified: Tue, 02 May 2023 12:11:05 GMT
vary: Accept
x-openstack-request-id: tx607d5e6bd8c04629a2dab-0064ad512f
x-proxy-cache: HIT
x-timestamp: 1683029464.37580
x-trans-id: tx607d5e6bd8c04629a2dab-0064ad512f
cf-cache-status: HIT
age: 75946
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a0240608c2712f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js | 172.67.183.69 | 200 OK | 7.9 kB |
URL GET HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeJavaScript source, ASCII text, with very long lines (7861), with no line terminators Hash8545c477e6e96a843b66b2bfda7553ed fd34d08451293922d18bd943252766be5271ac9f 20eb0db5b1ee8af7f1aee4ab1b47c29489570dc3929da10dd5f993469726fcf1
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=a0a6904e6ea86a3024e98ed93509187e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:22 GMT
content-type: application/javascript; charset=UTF-8
content-encoding: br
vary: accept-encoding
cache-control: max-age=14400, public
x-content-type-options: nosniff
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=35Rq1OXeNFaNFfRV33KqxQbqSq95AB9hvAmJXgJzAz5r6%2F%2B2gZwZtQOpiCwEZsM8%2BQItdeMrZbYwF6em4xS94%2BTr6x3ikZMjamGdrDJFGqEw1A5Q6fGLJb7zDmq4hNBe76wx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a024065a0eb50f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Bebas+Neue&display=swap | 142.250.74.106 | 200 OK | 799 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Bebas+Neue&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeASCII text, with very long lines (817), with no line terminators Hashc493231efba2219e3348f16e938d7380 95b2c3d6221a58cbd7e96f2c05c40d03f53fb16c ff65de3252fffb1650fca0c23a1a87351bf5b2385dc11e35e19b94c3495e4cf0
GET /css2?family=Bebas+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 17:44:21 GMT
date: Thu, 25 Apr 2024 17:44:21 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| s3t3d2y8.afcdn.net/images/close-icon.svg | 185.76.9.15 | 200 OK | 265 B |
URL GET HTTP/2s3t3d2y8.afcdn.net/images/close-icon.svg IP185.76.9.15:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectafcdn.net FingerprintCE:9F:A3:7C:BF:E1:80:9C:11:75:38:23:E8:D2:50:1A:E4:48:37:77 ValidityTue, 27 Feb 2024 16:27:12 GMT - Mon, 27 May 2024 16:27:11 GMT
File typeSVG Scalable Vector Graphics image Hash0e1e3b1614a46466d9535037923e7c34 f8d10a742cd0197a10a041cf447d0dbd3371d07c f66b1cc574e4967cf5417ef445ac663aa9a2ec3cf1c0d23eb1b4c59808237ee0
GET /images/close-icon.svg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:25 GMT
content-type: image/svg+xml
last-modified: Tue, 18 Oct 2022 10:37:28 GMT
etag: W/"634e81e8-109"
expires: Wed, 25 Oct 2023 02:26:39 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBuUwJDQH38sWKAQ
x-77-nzt-ray: c0a4cc2899f36dd179962a6668a68232
x-accel-expires: @1719731207
x-accel-date: 1688195207
x-cache: HIT
x-age: 25871858
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 25871858
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Lobster&display=swap | 142.250.74.106 | 200 OK | 1.8 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Lobster&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeASCII text, with very long lines (1825), with no line terminators Hash785af4cad14c8087afd0b4ca069742ba b81dc83d9ec505a925e3da6bac340491a13460af dc804cd560b63c44aea3659ce684d8b21a4ccbe7180f953716be1e3e1c4f5274
GET /css2?family=Lobster&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 17:44:21 GMT
date: Thu, 25 Apr 2024 17:44:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/css/root.css | 172.67.183.69 | 200 OK | 3.2 kB |
URL GET HTTP/3www.amdahost.com/css/root.css IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeASCII text, with very long lines (3175), with no line terminators Hashb29e82a0b6fab49b186f1878409b49cf 632d7a94b851c7c879e29825bee06920d7b5cb99 5b7746d8aa2c0a8a908f6a5df646167afb319fc1d2a6ec08d275e195a275afdf
GET /css/root.css HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=1283a8bb98
Cookie: PHPSESSID=a0a6904e6ea86a3024e98ed93509187e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 17:44:21 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=6128
last-modified: Tue, 27 Feb 2024 08:09:48 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 997
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wiCPeCFcs6K89iRIUMCaf7b1y8TI7I5UHgBdYP3vVkPhLVEHB4Po2F%2BFix%2B88TrWjFVPrccwY6xoStrqrrkJScoBxdbsMbjwF2pAmT4hoBQJdTF35aKeD3sGNslpUUTPflLv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a023fb6dafb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js | 172.67.183.69 | 302 Found | 7.9 kB |
URL GET HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=a0a6904e6ea86a3024e98ed93509187e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Thu, 25 Apr 2024 17:44:22 GMT
content-length: 0
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
access-control-allow-origin: *
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lzqs5ly2QgHhzDbho8Fv%2FMTfavg%2FZKUSJYsh%2B6hRApIreUWOO0USr%2FbmLXVkTp427DiPHX7JDOkf37GavaGxm0EExFK85vBH86VSak%2Bx87P%2BTU759LT%2F44anG%2FmQeZm2vHxQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a02402fe38b50f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 96b600f50a.a0e351a3aa.com/6f908e07455db1a39a6b4cc9a2dfd993.js | 45.133.44.53 | 200 OK | 169 kB |
URL GET HTTP/296b600f50a.a0e351a3aa.com/6f908e07455db1a39a6b4cc9a2dfd993.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subject96b600f50a.a0e351a3aa.com FingerprintAD:AF:F1:6D:B3:03:A9:36:49:20:2F:CC:29:B3:F0:E6:2D:A0:EA:6D ValidityMon, 22 Apr 2024 02:20:27 GMT - Sun, 21 Jul 2024 02:20:26 GMT
Size169 kB (168568 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /6f908e07455db1a39a6b4cc9a2dfd993.js HTTP/1.1
Host: 96b600f50a.a0e351a3aa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:26 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 25 Apr 2024 13:18:02 GMT
etag: W/"662a580a-29278"
content-encoding: gzip
expires: Thu, 25 Apr 2024 17:49:26 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| a.magsrv.com/ad-provider.js | 185.76.9.15 | 200 OK | 165 kB |
URL GET HTTP/2a.magsrv.com/ad-provider.js IP185.76.9.15:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
File typeJavaScript source, ASCII text, with very long lines (34846) Size165 kB (164895 bytes) Hasheb15e779d412d3391d2aae19aa7755d3 e85e090c7bd1847e2936d843e14e9f8b38cea47d 7d4f4482a232632c2c8aa4d37adcd5fb14e9fe2d707ae067df0d87596a2c6c9e
GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:21 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"e85e090c7bd1847e2936d843e14"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Wed, 24 Apr 2024 18:06:10 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3ASUAAAwBuUwKAQH3EQAAAAwBJRPCNAH3BAAAAA
x-77-nzt-ray: c0a4cc2899f3074d75962a66a9efe305
x-accel-expires: @1714068388
x-accel-date: 1714057588
x-77-cache: HIT
x-77-age: 9473
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 9473
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| a.pemsrv.com/popunder1000.js | 185.76.9.25 | 200 OK | 100 kB |
URL GET HTTP/2a.pemsrv.com/popunder1000.js IP185.76.9.25:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectpemsrv.com FingerprintB9:FB:69:72:AD:12:6D:F5:F8:05:0B:EE:45:B6:E0:BD:1A:B2:E5:0F ValidityTue, 27 Feb 2024 16:50:21 GMT - Mon, 27 May 2024 16:50:20 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder1000.js HTTP/1.1
Host: a.pemsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:22 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"d9d3b543c03e218b51fa2081f01"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Wed, 24 Apr 2024 18:06:12 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3AiUAAAwBuUwKEwH3EAAAAAwBJRPCNAH3BAAAAA
x-77-nzt-ray: af5856307c13b32876962a66e60a5006
x-accel-expires: @1714068388
x-accel-date: 1714057588
x-77-cache: HIT
x-77-age: 9474
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 9474
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| ku42hjr2e.com/solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1801182959243776&eclog=0&im=1 | 212.117.190.201 | 200 OK | 43 B |
URL POST HTTP/2ku42hjr2e.com/solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1801182959243776&eclog=0&im=1 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerBuypass AS-983163327 Subject Fingerprint15:EC:3A:52:11:EC:ED:35:8E:60:38:E6:CC:79:A7:3E:A3:5B:B6:62 ValidityTue, 09 Jan 2024 12:43:23 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1801182959243776&eclog=0&im=1 HTTP/1.1
Host: ku42hjr2e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 17:44:22 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: CHCK=1; Path=/; Expires=Thu, 29 May 2025 17:44:22 GMT; Secure; SameSite=None
UID=24042512448e105978a2604c4f836d6991b2; Path=/; Expires=Thu, 29 May 2025 17:44:22 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| a.magsrv.com/ad-provider.js | 185.76.9.15 | 200 OK | 165 kB |
URL GET HTTP/2a.magsrv.com/ad-provider.js IP185.76.9.15:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=1283a8bb98 CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
File typeJavaScript source, ASCII text, with very long lines (34846) Size165 kB (164895 bytes) Hasheb15e779d412d3391d2aae19aa7755d3 e85e090c7bd1847e2936d843e14e9f8b38cea47d 7d4f4482a232632c2c8aa4d37adcd5fb14e9fe2d707ae067df0d87596a2c6c9e
GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 17:44:21 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"e85e090c7bd1847e2936d843e14"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Wed, 24 Apr 2024 18:06:10 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3ASUAAAwBuUwKAQH3EQAAAAwBJRPCNAH3BAAAAA
x-77-nzt-ray: c0a4cc2899f3074d75962a6663d5d538
x-accel-expires: @1714068388
x-accel-date: 1714057588
x-77-cache: HIT
x-77-age: 9473
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 9473
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|