| www.amdahost.com/media/logo.png | 104.21.40.89 | 200 OK | 26 kB |
URL GET HTTP/3www.amdahost.com/media/logo.png IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typePNG image data, 382 x 70, 8-bit/color RGBA, non-interlaced Hash9c5c0fe1ed466c1a4801524b31777955 eb7bfae0af480eae554a937a9f64e96a0a4f734a 62b08c1489fff9fb4cf4d33857fb46d4f8298c3f74fc57f92279bdad95472640
GET /media/logo.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=6777cbdbc1
Cookie: PHPSESSID=65ec04d2b12f2693bf77151d9ae9cad7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:27:51 GMT
content-type: image/png
content-length: 25625
last-modified: Fri, 15 Mar 2024 19:45:30 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5486
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2BUvvaZEGYAKcah3OTYOHKbSLnYUiHTR1jgvssh2ZSQCna4XX4Mq0a%2FXQzd%2BsZw2o15o7TRjOleFVIvfG8bwFX%2Bh1uDDL0QLwwuHdOxuHEJG4Z0EPwoTb%2FG3YI9WROCLfodD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804fbad8fd956bb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.jsdelivr.net/npm/remixicon@4.0.0/fonts/remixicon.css | 151.101.1.229 | 200 OK | 17 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/remixicon@4.0.0/fonts/remixicon.css IP151.101.1.229:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hash373c68d52e3daa5cd7e1ae058fb6bd70 30a01afb8338555278162655e4a8e7ac57774f35 f53b0f6c14c09b5c263713876dfe7185531a3a424a91d192dfee3c5fa03493dd
GET /npm/remixicon@4.0.0/fonts/remixicon.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.0.0
x-jsd-version-type: version
etag: W/"200b1-MKAa+4M4VVJ4FiZV5KjnrFd3TzU"
content-encoding: br
accept-ranges: bytes
date: Tue, 07 May 2024 23:27:52 GMT
age: 5256761
x-served-by: cache-fra-etou8220109-FRA, cache-hel1410025-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16743
X-Firefox-Spdy: h2
|
|
| vjs.zencdn.net/8.10.0/video-js.css | 151.101.130.217 | | 13 kB |
URL vjs.zencdn.net/8.10.0/video-js.css IP151.101.130.217:0
File typeASCII text, with very long lines (7288) Hash27818e70d5704691d9264fe0083c5b08 b4dffd90528e8f63d54ad3a859b749344e6e00ad 92e11fbc7753b5be23fd489ba4e09c0d62d0b8c64e466845b4534934c46c85d6
GET /8.10.0/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 17 Jan 2024 12:53:07 GMT
etag: "27818e70d5704691d9264fe0083c5b08"
x-amz-server-side-encryption: AES256
content-type: text/css
content-encoding: gzip
date: Tue, 07 May 2024 23:27:52 GMT
x-served-by: cache-hel1410033-HEL
x-cache: HIT
x-cache-hits: 3
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 12695
X-Firefox-Spdy: h2
|
|
| 32879.2481april2024.com/4/js/233169 | 88.208.22.3 | | 6.6 kB |
URL 32879.2481april2024.com/4/js/233169 IP88.208.22.3:0 ASN#39572 DataWeb Global Group B.V.
File typeJavaScript source, ASCII text, with very long lines (16647), with no line terminators Hashdccfbd9ded49067f0d1e8b0615c3393b bee2120dbcdf6e90981678242171d7ef34006914 166fbafd5e2311e133238e722a8e661ab1fb3d1a27a4dc5478f7ed9e895df7dc
GET /4/js/233169 HTTP/1.1
Host: 32879.2481april2024.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 23:27:52 GMT
content-type: application/javascript; charset=UTF-8
content-length: 6578
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js | 142.250.74.74 | | 30 kB |
URL ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js IP142.250.74.74:0
File typeJavaScript source, ASCII text, with very long lines (65447) Hash2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30462
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 02:07:52 GMT
expires: Sat, 03 May 2025 02:07:52 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 12 Sep 2023 02:38:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 422400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.tailwindcss.com/3.4.3 | 104.22.21.144 | | 112 kB |
URL cdn.tailwindcss.com/3.4.3 IP104.22.21.144:0
File typeJavaScript source, ASCII text, with very long lines (52292) Size112 kB (112401 bytes) Hash4bdcdace639cc6c0f08a15c295482172 6fa7ad6e87d8b19bff7e2bd0becf87d87d57be31 d2c35bf03246b0634bb22cbdc74962c8368e5e13b656e7f3cc10029da79d2e5c
GET /3.4.3 HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 23:27:52 GMT
content-type: text/javascript
cache-control: max-age=31536000
content-encoding: br
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::rn74h-1711569125689-ef02b3caf33b
last-modified: Wed, 27 Mar 2024 19:52:06 GMT
cf-cache-status: HIT
age: 616560
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804fbae483d56bb-OSL
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/thumbnails/1713336269_df4910dc47bb9b1c.jpg | 104.21.40.89 | 200 OK | 46 kB |
URL GET HTTP/3www.amdahost.com/thumbnails/1713336269_df4910dc47bb9b1c.jpg IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 50", baseline, precision 8, 960x540, components 3 Hash11bf884fe193005cd7314062110c5985 77aa1ed570f6df51ecc3727f0b0a3d0b709fed19 796ba4022d78a9fcfb2b0f8ebc43c42d1dd896e1765ea7a9fefea4e3cb17941b
GET /thumbnails/1713336269_df4910dc47bb9b1c.jpg HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=6777cbdbc1
Cookie: PHPSESSID=65ec04d2b12f2693bf77151d9ae9cad7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:27:52 GMT
content-type: image/jpeg
content-length: 46481
cache-control: public, max-age=604800
expires: Tue, 14 May 2024 23:27:52 GMT
etag: "b591-661f6fcd-8c2d41;;;"
last-modified: Wed, 17 Apr 2024 06:44:29 GMT
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2BbBfRhCXV0HDafoD977ZQfi09iNLmNwIAQVJuADQsdzhz%2FQKv%2BRAnzvozziLPjvaBAOk5qKSqrksJxCuLExNmkAc4sQ8H%2B3N3nP9iNVNClmUYWqYsIiGx6ld3nrXgEzPU50"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804fbad9fde56bb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 | 104.16.80.73 | 200 OK | 8.3 kB |
URL GET HTTP/2static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 IP104.16.80.73:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerGoogle Trust Services LLC Subjectcloudflareinsights.com Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00 ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT
File typegzip compressed data, from Unix Hashd2b2e3048efd7b71813f97e7dd1614db 7de80a03d9ce2f5934676ad6909aedf9bc36cce8 14f5bee2d4716295b0830fd322ebe08160c3058ea02a66447d36fd0144fccddf
GET /beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 23:27:52 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.1"
last-modified: Mon, 06 May 2024 19:01:13 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804fbae3c5ab4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Bebas+Neue&display=swap | 142.250.74.74 | 200 OK | 843 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Bebas+Neue&display=swap IP142.250.74.74:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hash0ccf07cabe091f032ad0861be2d05fa0 0c1e2e86b4aa5e7a8880b722bad93829450eb312 8aa339953d761ce1758c4fa60eef17fd747eabcdf943efddac24ebb079d9a3db
GET /css2?family=Bebas+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 23:27:52 GMT
date: Tue, 07 May 2024 23:27:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2 | 216.58.207.227 | 200 OK | 13 kB |
URL GET HTTP/2fonts.gstatic.com/s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2 IP216.58.207.227:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 13184, version 1.0 Hash37b12babb3bd0f9d9587cc8ca89a19b9 49cfe5b31144493cec4f21dc63fb2f1051061b45 73351bb42cb7827d0cd08c5d5832140700139b86eb6dd9a49047017924cb3ed0
GET /s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:41:24 GMT
expires: Fri, 02 May 2025 02:41:24 GMT
cache-control: public, max-age=31536000
age: 506789
last-modified: Wed, 27 Sep 2023 15:40:27 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2 | 216.58.207.227 | | 14 kB |
URL fonts.gstatic.com/s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2 IP216.58.207.227:0
CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 13820, version 1.0 Hash2dd698f2699a5ef991625825011bff90 523ff9357131751e57dd78cb92b218a49a130d1d 02f5dfc0c21e92f3c724260f035833e627513a1b91230cc490a1ea756c95e5e5
GET /s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:34:50 GMT
expires: Fri, 02 May 2025 02:34:50 GMT
cache-control: public, max-age=31536000
age: 507183
last-modified: Thu, 24 Aug 2023 21:28:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| b57dqedu4.com/solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8838126675506688&eclog=0&im=1 | 212.117.190.201 | | 43 B |
URL b57dqedu4.com/solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8838126675506688&eclog=0&im=1 IP212.117.190.201:0
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8838126675506688&eclog=0&im=1 HTTP/1.1
Host: b57dqedu4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 23:27:53 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: CHCK=1; Path=/; Expires=Tue, 10 Jun 2025 23:27:53 GMT; Secure; SameSite=None
UID=24050718272efd1cea45ab4c95abd9793fc0; Path=/; Expires=Tue, 10 Jun 2025 23:27:53 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| b57dqedu4.com/get/2020088?zoneid=2020088&jp=_clfwr55nh9zdtuf9hi8olv&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8838126675506688&eclog=0&im=1&uf=0 | 212.117.190.201 | | 1.6 kB |
URL b57dqedu4.com/get/2020088?zoneid=2020088&jp=_clfwr55nh9zdtuf9hi8olv&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8838126675506688&eclog=0&im=1&uf=0 IP212.117.190.201:0
File typeASCII text, with very long lines (2974), with no line terminators Hash5538a3810fc2dd6f7c42cc6e958ad30b 152390cae4aa29248c6e312d31f07f133d816c4e c9b45be302d0303829d0b8d41c14c984daaf490d27db674e9231db6a5f8ec9e9
GET /get/2020088?zoneid=2020088&jp=_clfwr55nh9zdtuf9hi8olv&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8838126675506688&eclog=0&im=1&uf=0 HTTP/1.1
Host: b57dqedu4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 23:27:53 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Tue, 10 Jun 2025 23:27:53 GMT; Secure; SameSite=None
UID=2405071827d895d313032a4dddba277798e4; Path=/; Expires=Tue, 10 Jun 2025 23:27:53 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| cdn.pncloudfl.com/pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif | 104.22.59.221 | 200 OK | 143 kB |
URL GET HTTP/2cdn.pncloudfl.com/pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif IP104.22.59.221:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectcdn.pncloudfl.com Fingerprint50:5F:A0:91:53:C9:C9:E3:5D:EA:53:42:E8:5B:81:FB:DE:7B:1E:2C ValiditySun, 28 Apr 2024 04:53:51 GMT - Sat, 27 Jul 2024 04:53:50 GMT
File typeRIFF (little-endian) data, Web/P image Size143 kB (142898 bytes) Hasha3ef7f4652e064704fb9063bd2c44761 f83f6204fcc6dd4d51a6f737641961ca5a7ce1b3 ee156c275bc22e471034353c9756885a303aed35c194098a42e017d07b0d40a8
GET /pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 23:27:53 GMT
content-type: image/webp
content-length: 142898
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=367393
content-disposition: inline; filename="60e2ff94b54c66aa2f634b00630b994c2fe7936d.webp"
etag: 9fb78950119432648d8d5fb853c3eba4
expires: Thu, 09 May 2024 21:58:31 GMT
last-modified: Tue, 02 May 2023 12:11:05 GMT
vary: Accept
x-openstack-request-id: tx607d5e6bd8c04629a2dab-0064ad512f
x-proxy-cache: HIT
x-timestamp: 1683029464.37580
x-trans-id: tx607d5e6bd8c04629a2dab-0064ad512f
cf-cache-status: HIT
age: 5362
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 8804fbb9ffc85696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 8d80fcb421.a700fb9c8d.com/63864341c121fc80a909f55d1d6303d1.js | 45.133.44.52 | | 79 kB |
URL 8d80fcb421.a700fb9c8d.com/63864341c121fc80a909f55d1d6303d1.js IP45.133.44.52:0 ASN#39572 DataWeb Global Group B.V.
File typegzip compressed data, from Unix Hashf2615689fabacd61ae3168ba344711c6 dca440aac1a878bf5cde1e7e5238fa9f6aac1bb4 b7d10beeeb1163323dae8d3650f745b8479190b2d0d339e6bd41c44c04b4ecda
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /63864341c121fc80a909f55d1d6303d1.js HTTP/1.1
Host: 8d80fcb421.a700fb9c8d.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 23:27:53 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 07 May 2024 12:02:58 GMT
etag: W/"663a1872-1ab3e"
content-encoding: gzip
expires: Tue, 07 May 2024 23:32:53 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| js.capndr.com/advertising.js | 45.133.44.52 | 200 OK | 0 B |
URL GET HTTP/2js.capndr.com/advertising.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectjs.capndr.com Fingerprint0D:30:A1:FB:7E:A0:EC:89:85:17:27:67:37:21:DA:E0:CB:E3:26:06 ValiditySun, 21 Apr 2024 03:00:41 GMT - Sat, 20 Jul 2024 03:00:40 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 23:27:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Tue, 07 May 2024 23:32:54 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/h/b/jsd/r/8804fba99cfb5693 | 104.21.40.89 | 200 OK | 0 B |
URL POST HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/h/b/jsd/r/8804fba99cfb5693 IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/challenge-platform/h/b/jsd/r/8804fba99cfb5693 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12196
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=6777cbdbc1
Cookie: PHPSESSID=65ec04d2b12f2693bf77151d9ae9cad7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:27:54 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
priority: u=3,i=?0
set-cookie: cf_clearance=P6mtfwKcAOZL3vW6f0DcGMzKRY85BVX2adLovBaaIZo-1715124474-1.0.1.1-Vkz.AMKd20A8G7aSqOpHyoO87zYVV1GSEv54AtLwFxaZ45vYLNiRQvZfWInpIVji3uWxqbudjmMyUNTRkc9alQ; path=/; expires=Wed, 07-May-25 23:27:54 GMT; domain=.amdahost.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s59VwSs3HYs2f1LVPL71wL7X2MIf5TbFlWVSfW0Jz4cXHjbJJr1jyQ1qxx6ur%2Bz0nMelJUs%2FyuJjY8YUa%2F3KJ1tzow%2BR3iFXd0QCAAn7bsvUlCcv%2FvBbqgeXb3RXBNZsMVHL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804fbbb587d56bb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| pyknrhm5c.com/q/tdl/95/dnt/2025683/kep.js | 212.117.190.201 | 200 OK | 50 kB |
URL GET HTTP/2pyknrhm5c.com/q/tdl/95/dnt/2025683/kep.js IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerBuypass AS-983163327 Subject Fingerprint8C:0B:00:37:E9:46:0D:D7:64:26:AF:BD:4B:AC:9D:E3:CA:27:CD:87 ValidityFri, 03 May 2024 21:32:33 GMT - Tue, 29 Oct 2024 22:59:00 GMT
File typeJavaScript source, ASCII text, with very long lines (65107) Hashe02f19480eeb80da34c038bd0bcde620 453d236ad3c9db45016d5856247e768bd4aafb44 144fd68a2823ab593b0e8983c3f4cf09634db43c9a9df4648320871c18f48c99
GET /q/tdl/95/dnt/2025683/kep.js HTTP/1.1
Host: pyknrhm5c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 23:27:52 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-164ab"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 8d80fcb421.a700fb9c8d.com/dcd78e9358b6891f8d594bc7153a3bce/161855?version_name=d | 45.133.44.52 | | 2.4 kB |
URL 8d80fcb421.a700fb9c8d.com/dcd78e9358b6891f8d594bc7153a3bce/161855?version_name=d IP45.133.44.52:0 ASN#39572 DataWeb Global Group B.V.
Hashee3b41fbcfe8655ca32ffea85b4d969e 07951fda7014916a54c3a374c574ab277f7e7d64 d43c78ba97416968cee1aafc245bf108a1fc0c97e0fa6f7c71961b7161216c66
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /dcd78e9358b6891f8d594bc7153a3bce/161855?version_name=d HTTP/1.1
Host: 8d80fcb421.a700fb9c8d.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 23:27:54 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
expires: Tue, 07 May 2024 23:32:54 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=179977 | 157.90.84.242 | 200 OK | 58 B |
URL POST HTTP/1.1fp.metricswpsh.com/fp?tag_id=179977 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash87385fcd2a67fc74d2fa67366ba68ea2 a604cdbb1d31ce257e8643eee9219c9c724c200c 9307cbb21345500294eae459b18a8ffb2bd2fcccd928a09efbc1e324fa9c9995
POST /fp?tag_id=179977 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1835
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 07 May 2024 23:27:54 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.amdahost.com
Set-Cookie: id=17299423069653264179; Expires=Wed, 07 May 2025 23:27:54 GMT; Secure; SameSite=None
Vary: Origin
|
|
| fp.metricswpsh.com/fp?tag_id=161855 | 157.90.84.242 | 200 OK | 0 B |
URL POST HTTP/1.1fp.metricswpsh.com/fp?tag_id=161855 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=161855 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Tue, 07 May 2024 23:27:54 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.amdahost.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
|
|
| cdn.fluidplayer.com/v3/current/fluidplayer.min.js | 185.76.9.24 | | 53 kB |
URL cdn.fluidplayer.com/v3/current/fluidplayer.min.js IP185.76.9.24:0 ASN#60068 Datacamp Limited
File typegzip compressed data, from Unix Hashf9130414b8cc205b5e90e2f7861577f1 9d02af04d9e1e793696be0f0b47bef319beb0258 688e08c70f69a278a59ccd4ee0fae4a659535b4cb0c212757e88a68d91a43179
GET /v3/current/fluidplayer.min.js HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 23:27:52 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:13 GMT
etag: W/"65fc34c1-38ca8"
expires: Fri, 22 Mar 2024 21:42:05 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3nBgAAAwBuUwKDAH3AAAAAAwBJRPCMQH3AAAAAA
x-77-nzt-ray: af585630291c4d70f8b83a6604feda01
x-accel-expires: @1715204572
x-accel-date: 1715118172
x-77-cache: HIT
x-77-age: 6300
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 6300
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 172.67.164.241 | 301 Moved Permanently | 4.1 kB |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP172.67.164.241:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hash361cbf5028f44da7888d89c5077151eb 9eaf6c23f5e703f98ffb9f0b29f198586be2ce84 5c313c93b42ed1dcd1d35f96ffb1350c7bc1c37035282f5ba6481303621ed491
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Tue, 07 May 2024 23:27:54 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e8CrMlTec4%2FNcKLRW5xmb81J%2FFO2lgjmMp3efwfCg2hMUykWvRKy%2BTI4h3SzI2i6enYVqHtTz0dGqgbQlAUodyxcBdK2BvNk7OPPaUlml1OSt6dXn9QS%2Fp084Z%2BnaiIJuvRsmXlqOsUkTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804fbbd498e56bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Comic+Neue&display=swap | 142.250.74.74 | | 8.4 kB |
URL fonts.googleapis.com/css2?family=Comic+Neue&display=swap IP142.250.74.74:0
CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hash332e74f3dcab84732e72067894fe2057 e6b4987781a1f685a8ea45a6160e983b4440beac 6b331b857a792f3645c55206a366fbbedcf1082b0f6c448b834ad760b168f8ed
GET /css2?family=Comic+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 23:27:52 GMT
date: Tue, 07 May 2024 23:27:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?userId=0080558dd6c44fccf45ffe90bfa3e57f | 139.45.195.8 | 200 OK | 65 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=0080558dd6c44fccf45ffe90bfa3e57f IP139.45.195.8:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash0864ba8368b8acd901d5f7ad063e2d2c 862c0786eed0e521b533ba5e2adbf59bf9aeed6b bcc4dfb1ee2a7d5a5911dabaef8b1ce7a334dc6548c685d60598e7b2a5dc0779
GET /gid.js?userId=0080558dd6c44fccf45ffe90bfa3e57f HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 23:27:54 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.amdahost.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080558dd6c44fccf45ffe90bfa3e57f; expires=Wed, 07 May 2025 23:27:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Bungee+Spice&display=swap | 142.250.74.74 | 200 OK | 14 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Bungee+Spice&display=swap IP142.250.74.74:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hash5e15fefe445bd163f4f00f8c33f1630c cf1eeb48833bedb60dceb385a398519fb6f26a9c 34d2a9de7b01d1dd13fc83d0196755dcb3cde6ac98766f80a29eb841995346b3
GET /css2?family=Bungee+Spice&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 23:27:52 GMT
date: Tue, 07 May 2024 23:27:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 6fbb07e2de.7aa82805b9.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIyMjgxOTk1MTAxMTgwNzIzMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4xIiwidGFnX2lkIjoxNjE4NTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC41MywiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== | 45.133.44.53 | | 0 B |
URL 6fbb07e2de.7aa82805b9.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIyMjgxOTk1MTAxMTgwNzIzMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4xIiwidGFnX2lkIjoxNjE4NTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC41MywiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== IP45.133.44.53:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIyMjgxOTk1MTAxMTgwNzIzMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4xIiwidGFnX2lkIjoxNjE4NTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC41MywiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== HTTP/1.1
Host: 6fbb07e2de.7aa82805b9.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 23:27:54 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 172.67.164.241 | 301 Moved Permanently | 7.3 kB |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP172.67.164.241:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashbfbe3caa434f28cd8e674cde8c439f5c 6196b654a2a53e15ab25af2ef826531c89795bbd 6b0956a38b7c3b0b07d4e689f61d734e4daf265cb84103e45799a77c5c737eb7
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
date: Tue, 07 May 2024 23:27:54 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uKIzcDadj39bMA8X9Ml8LCt4j8oyUO9WMN8zwPKWV2r%2FKAUHUHCeA2a%2F7HWh6S2iil9tS%2BmbKOYHp5Up%2FqN5x8ld%2B3UhIZjggwuEDjKRUADRQVsc70M2GP0jTxCJpETFdntTN7odBWt5KA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804fbbdc9e656bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| nereserv.com/in/dip?event_id=d171f387-1b42-47aa-a4c4-d569c69dd525&subid=14364679&spot_id=560192&created_at=2024-05-07&timezone=0&ver=1.141.0 | 167.235.163.216 | 200 OK | 0 B |
URL GET HTTP/2nereserv.com/in/dip?event_id=d171f387-1b42-47aa-a4c4-d569c69dd525&subid=14364679&spot_id=560192&created_at=2024-05-07&timezone=0&ver=1.141.0 IP167.235.163.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?event_id=d171f387-1b42-47aa-a4c4-d569c69dd525&subid=14364679&spot_id=560192&created_at=2024-05-07&timezone=0&ver=1.141.0 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 23:27:55 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| nereserv.com/in/dip?event_id=73921772-cf3b-40d3-a59a-0b41bb333240&subid=308553955&spot_id=529502&created_at=2024-05-07&timezone=0&ver=1.141.0 | 167.235.163.216 | | 0 B |
URL nereserv.com/in/dip?event_id=73921772-cf3b-40d3-a59a-0b41bb333240&subid=308553955&spot_id=529502&created_at=2024-05-07&timezone=0&ver=1.141.0 IP167.235.163.216:0 ASN#24940 Hetzner Online GmbH
CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?event_id=73921772-cf3b-40d3-a59a-0b41bb333240&subid=308553955&spot_id=529502&created_at=2024-05-07&timezone=0&ver=1.141.0 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 23:27:55 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| mbddip.com/in/dip?site=native-push&wl=1&event_id=821fbb1d-6295-4638-a6f7-37b330d48bc1&subid=1211831614&sid=666637710&spot_id=560190&created_at=2024-05-07&timezone=0&ver=8.159.0&is_native=1 | 167.235.163.216 | | 0 B |
URL mbddip.com/in/dip?site=native-push&wl=1&event_id=821fbb1d-6295-4638-a6f7-37b330d48bc1&subid=1211831614&sid=666637710&spot_id=560190&created_at=2024-05-07&timezone=0&ver=8.159.0&is_native=1 IP167.235.163.216:0 ASN#24940 Hetzner Online GmbH
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=821fbb1d-6295-4638-a6f7-37b330d48bc1&subid=1211831614&sid=666637710&spot_id=560190&created_at=2024-05-07&timezone=0&ver=8.159.0&is_native=1 HTTP/1.1
Host: mbddip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 23:27:55 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| mbdippex.com/in/multy | 167.235.163.216 | 204 No Content | 0 B |
IP167.235.163.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /in/multy HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.20.1
date: Tue, 07 May 2024 23:27:55 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/media/favicon-16x16.png | 104.21.40.89 | 200 OK | 936 B |
URL GET HTTP/3www.amdahost.com/media/favicon-16x16.png IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashac0cd4d64276fa91e68993406abcd43d c9af1132645f2bccfb9295a4e45cc95e8e78b7b6 bf852eabb9e0bbeb89b360a2dc4ccc1b86f2ffea3dfa78f0c2bb8747be598382
GET /media/favicon-16x16.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=6777cbdbc1
Cookie: PHPSESSID=65ec04d2b12f2693bf77151d9ae9cad7; cf_clearance=P6mtfwKcAOZL3vW6f0DcGMzKRY85BVX2adLovBaaIZo-1715124474-1.0.1.1-Vkz.AMKd20A8G7aSqOpHyoO87zYVV1GSEv54AtLwFxaZ45vYLNiRQvZfWInpIVji3uWxqbudjmMyUNTRkc9alQ; prefetchAd_7446033=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:27:55 GMT
content-type: image/png
content-length: 936
last-modified: Sun, 17 Mar 2024 20:29:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5483
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h8o9ZALoyjGpHUt%2B5CrvbmZcaPI%2Fd09bOIbJJEVeoj3oGbBGmHHIByoVDHRZ%2BNGXRPjDWhSnAvtGLyKl8AdZXrUI9wM83KKCJ3cc6nFh0YrGyfTZ4dSJ5no9lCQ7TfbV6GFj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804fbc3de1c56bb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| js.mbidpp.com/popunder-admanager/build.m.js | 45.133.44.52 | | 30 kB |
URL js.mbidpp.com/popunder-admanager/build.m.js IP45.133.44.52:0 ASN#39572 DataWeb Global Group B.V.
File typegzip compressed data, from Unix Hashbf86f2ee1b5c3d6f231a290c157c3d11 4d9cf7caa959e0a0081a12e38671a1bbf64b4c56 80b72647e8b6d21d10326f4c0afbf6d12322a2423610a737b2b90f5fdee5d245
GET /popunder-admanager/build.m.js HTTP/1.1
Host: js.mbidpp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 23:27:54 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 06 May 2024 08:27:28 GMT
etag: W/"66389470-189f7"
content-encoding: gzip
expires: Tue, 07 May 2024 23:32:54 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP142.250.74.131:0
Hash5991db4ffbfc4b57b0f99a35a0e6a3d0 1b74b56ddc178de4587ef8898436cff19cc2c66b 17904ae58c5cfd605b9b96ef28a59c0b158141c0d69922267a677ff041ca24d9
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 May 2024 23:27:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| storage.mbidstorage.com/log/count.html | 172.67.164.241 | 301 Moved Permanently | 324 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP172.67.164.241:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash5aebd17d44825463dc5d20a0fd8b6061 fd05ef614c535a8934771c6fea5b5fdebd105ecb 698865e01b55bfdcc7135031fa7f59454b3153cca7f68c414e801c74a21e8291
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Tue, 07 May 2024 23:27:55 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MosKDxOQRbdp9QPAXmettmsqjojAMah24xNZhAMlVE3D3A%2FVFHPScU744jfpygI6tM63sMCR5QmdgccncUL8EVG%2BaMjs9rGm2Od%2FDR1%2BCCerVVgKhd9EKCshe%2FViwgSxx%2FQ3qjxDCH5OEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804fbc2592956a2-OSL
alt-svc: h3=":443"; ma=86400
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 74.125.131.84 | 302 Found | 0 B |
URL GET HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP74.125.131.84:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerGoogle Trust Services Subjectaccounts.google.com Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:qEXQ25YUB7G6jOe6TwmIdxVnT6GOCg:2uqcixiXzdhAPXhI; Expires=Thu, 07-May-2026 23:27:55 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 23:27:55 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwhvJdy-Msp9OSYFDJUC4V6soXchHyzt5PB5ekqQ0ihRDHMzxeT9lCF2MQGAV5wVBnz66Wqig
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-AmGjBjDh8f1GKgSakJWpMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| glakaits.net/?rb=Ee9Fe_k8xlSppK-e4dvkilfAh_DEp8xMsgBeFJ76WD9_Asx1HjN-XR1E5Za3Z1BMhoQSJzU0rpPm_eht-IglKLhpa7l2gJ9frSkgotM2kFT7AByA_1IiWVA_b24Tr78gU_2jqUTxqsEfGrykuE2it3yAid9ct6NjIdIBTZGdubymYctFRkkxSPDl58-AlPSb6TccBciuA6YXi_ejREGenhFMttdw54SjGNL4y4XfOhfJx-Qug8-EpApUs0usjWWG0TmqPRpl3NSeoGEm&request_ab2=0&zoneid=7446033&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D6777cbdbc1&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&bs=29b85914-4a22-4cb5-9b6d-b553d064de0e&wasm=1&userId=0080558dd6c44fccf45ffe90bfa3e57f&m=link | 139.45.197.242 | 200 OK | 2.8 kB |
URL GET HTTP/2glakaits.net/?rb=Ee9Fe_k8xlSppK-e4dvkilfAh_DEp8xMsgBeFJ76WD9_Asx1HjN-XR1E5Za3Z1BMhoQSJzU0rpPm_eht-IglKLhpa7l2gJ9frSkgotM2kFT7AByA_1IiWVA_b24Tr78gU_2jqUTxqsEfGrykuE2it3yAid9ct6NjIdIBTZGdubymYctFRkkxSPDl58-AlPSb6TccBciuA6YXi_ejREGenhFMttdw54SjGNL4y4XfOhfJx-Qug8-EpApUs0usjWWG0TmqPRpl3NSeoGEm&request_ab2=0&zoneid=7446033&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D6777cbdbc1&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&bs=29b85914-4a22-4cb5-9b6d-b553d064de0e&wasm=1&userId=0080558dd6c44fccf45ffe90bfa3e57f&m=link IP139.45.197.242:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectglakaits.net Fingerprint1F:46:3E:C8:C5:6A:64:F5:29:66:0F:5C:6E:CD:48:77:10:EA:26:02 ValidityTue, 07 May 2024 18:52:12 GMT - Mon, 05 Aug 2024 18:52:11 GMT
File typegzip compressed data, max speed, from Unix Hash959b9325e9e156c7bbfb022a9afa8d83 a0db89a0cd5384a4ab11204cc7612de75739e3ef ae75d5a9f4835ef32ba169b065f787cdfeb276ed3301cfb1c7bae1bf2a5340e4
GET /?rb=Ee9Fe_k8xlSppK-e4dvkilfAh_DEp8xMsgBeFJ76WD9_Asx1HjN-XR1E5Za3Z1BMhoQSJzU0rpPm_eht-IglKLhpa7l2gJ9frSkgotM2kFT7AByA_1IiWVA_b24Tr78gU_2jqUTxqsEfGrykuE2it3yAid9ct6NjIdIBTZGdubymYctFRkkxSPDl58-AlPSb6TccBciuA6YXi_ejREGenhFMttdw54SjGNL4y4XfOhfJx-Qug8-EpApUs0usjWWG0TmqPRpl3NSeoGEm&request_ab2=0&zoneid=7446033&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D6777cbdbc1&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&bs=29b85914-4a22-4cb5-9b6d-b553d064de0e&wasm=1&userId=0080558dd6c44fccf45ffe90bfa3e57f&m=link HTTP/1.1
Host: glakaits.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 23:27:55 GMT
content-type: application/json
x-trace-id: 7792e7fa7905305e09c0fc0b90ab38db
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.amdahost.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080558dd6c44fccf45ffe90bfa3e57f; expires=Wed, 07 May 2025 23:27:55 GMT; path=/; secure; SameSite=None
oaidts=1715124475; expires=Wed, 07 May 2025 23:27:55 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Tue, 14 May 2024 23:27:55 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/media/apple-touch-icon.png | 104.21.40.89 | 200 OK | 40 kB |
URL GET HTTP/3www.amdahost.com/media/apple-touch-icon.png IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typePNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced Hash3a0b8d799ca52ea360286be206ff8fb3 2dc98f04f62990a7ab58494b8cc4c9d34f88d82b a18a7554000483027f4297e642dd6ffa175ee4028844be6e7888cd31c165972d
GET /media/apple-touch-icon.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=6777cbdbc1
Cookie: PHPSESSID=65ec04d2b12f2693bf77151d9ae9cad7; cf_clearance=P6mtfwKcAOZL3vW6f0DcGMzKRY85BVX2adLovBaaIZo-1715124474-1.0.1.1-Vkz.AMKd20A8G7aSqOpHyoO87zYVV1GSEv54AtLwFxaZ45vYLNiRQvZfWInpIVji3uWxqbudjmMyUNTRkc9alQ; prefetchAd_7446033=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 23:27:55 GMT
content-type: image/png
content-length: 40332
last-modified: Sun, 17 Mar 2024 20:29:38 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MOOqbIwMs7eILL36hhgzaGTJEEa6HtXZev08vHxelsqJJDMlYdE99IJF9eWrAnuS6EGpa5fola0UbnXKdSZTFyJqDCHT7ATeeibGbiyAQ761P9qwvzz606%2FR1C7J9Gj3%2Fc2p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804fbc3de1356bb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mbdippex.com/in/multy | 167.235.163.216 | 204 No Content | 6.0 kB |
IP167.235.163.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashf0a2b016521e372a71e88a10f428814f c260bd3b200e04f24682326e3bb68af178ef422f e0fb4c010ce763935e191b9153358b2eb5682a7a8e7ac491c80394ae08fef99a
POST /in/multy HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2230
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 23:27:55 GMT
content-type: application/json
content-length: 5951
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwhvJdy-Msp9OSYFDJUC4V6soXchHyzt5PB5ekqQ0ihRDHMzxeT9lCF2MQGAV5wVBnz66Wqig | 74.125.131.84 | | 428 B |
URL accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwhvJdy-Msp9OSYFDJUC4V6soXchHyzt5PB5ekqQ0ihRDHMzxeT9lCF2MQGAV5wVBnz66Wqig IP74.125.131.84:0
CertificateIssuerGoogle Trust Services Subjectaccounts.google.com Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT
File typeHTML document, ASCII text, with very long lines (406) Hashd9d178c6b509f2905a2a8c0c32f9f925 b910e2ac79a57757ef789e970beb9c7d19ef3ce9 46a54974359dc146ccfe91c781fc7c72a65c61eeb362be577b51b15675286338
GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwhvJdy-Msp9OSYFDJUC4V6soXchHyzt5PB5ekqQ0ihRDHMzxeT9lCF2MQGAV5wVBnz66Wqig HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:hr8gZRmquy2U_lABglW63dnDQbgXzQ:fOnVA4vvmEYFzRaY;Path=/;Expires=Thu, 07-May-2026 23:27:55 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 23:27:55 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQxX5S3-l59dUQG1401l-b1jV2yEco3X3RtEqx4O43TG_Uguby1L73tYVHP26sVPBtb-0xJaPA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1610269312%3A1715124475734502&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-Y04-GFh7q0ACnT8jXJ8JFg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 428
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP142.250.74.131:0
Hashd59e53e22f3681f080bc6a493b7508a1 50ec966f62f5efce0a5fbea8917c5c5b025eaccf cffc1da003262cd2907f76fb611cccac521441669302d10fae3aeb0c9a81c181
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 May 2024 23:27:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| mpougdusr.com/chicken.gif?z=2020090&pb=c8479f2faab244706e4785765d61d94c1715131673&psp=0bjqy1lko4X2nryeVEzkQtiyghMQ-Eha1jIirvArIEYkxEqXEUDdcT5BzSBPvb9_tXI2lK-4uHfq7xYEiLZg2gKP_Mt4sc02UL8mdFySJoyTv7S4JBRmKwg14lbsit5_NuPVebxYQYZoe30RDxhI3ray16NcG4jTzhLGnusRp8Ezo6wuAFdTXjslPGR1gJ13e0sUYO1VqUP_E33mkK00_GHEqXQJHyy38k2ZlbjKRRbmQpV0GHjh5UgFVWjZ4EV9mNwrVEXKjX5Ene6W_EVvAoJlpmaNSvfCWpsMW_Fzey1L17RAqURvuZr0F18H7C6dn9m0gTKYU-9JOtuV7N0yAw2KKwl-zUp9-9cSfzbr6Dkv6VTh8TRL_J8mrdQQHHVUw9joPNTSdWV1PhO9JJ1jpzjKDC5G8VxD3lNN4hp-ZZYrd7Nt1FAN3_E5rsahAdjg6riH1G-79GEgt2xIScQXewc_2WCBRn4PLw6fqyxL9SirFHG2SocUxqJdrvXY_MVlbzSA5M5M80CDFpkiXApw8POpv_nbh8LzXQE4AP_0_YCgWd_dFxQf2STIL5MCueaiGyW2Bulx68kgeA7GZM5eoRanrUHBZZ-_bW68t5zCUItkv-pwM51Wdn6jGO7gVCzUi-8o2-1vRSVQA4w3KHb7DJ0yCW9PQVZQZZ_WQAzI2T6U9--dGedhnUWqjPkEiwOMifhvhQ09SEowFVijLxYFKdgJa_xMfuXDlcM7bTRz4Vj-YPl5tuplxoFidUycGHpUUMfYZcCCglpjyYSIHlWD9u3q7Mi_7-fZIonU8aYECvIYXlIMe2i1FIdRX5iSaPFd66aEY8YUCfQDegDw1G5KiUFXsOXRmMAc-1YEXFTddbAxbUeyoprXf4mWwHgA3rv5x3eUyhQy0rpQNqlMlUBF-q7FTA0Y4viR4oEjVVqH0YPbbooPt5jylE7C2HsOdSiKsWU6IMljuz9yR5KoaieJ9XKTq45ah9kjVVkNQXw9VZW7fYGRYSHA6RbRP1NN_LCXuKirhN15aaTv-y26yOSpcHNW5KbumpD-cHvn9tsWvpDh8cW-yWIrxLU2X1T6AbcdTF4_aYOTN6KxIZI7FfAKxtfQSbH1_fmIWfZEFmlgc1U5wekZ3tl8Tjqfien41f3USNcBEAo3WhtZctMAxflUK4D26rdq5H2lLhsSyrw7L61ctZ7zWQbIHx2EgvSD7jx_jtYKvVTVsRGHstmavVKPq4t0uu3Jrz914KM5jaP57wsVB_w2aQ_XDKDRBUhcO_JojCrEUR9KVnk7DwcmvOLLd3BVdydvhYRP-0TEDoBc2nCX4Y543loWlLuYOHcQCPRN-MEL5bmU1coHK6_4iccTx111vFKauq9aSG4sAVS1cp5pjtAZ7CIQylGhfno9iNXY7kXmXeDy-pi3EIqilD4OlI7QVfYoEyiUHxOn01C6Fud1SMLGEkJtC2Fo8GuprjOlPVQarflVPH7lirdWFP8L0rZmw1Z4P3a9KElS2x4c7lF1AQMDDmewWEpFE5OAK5GGZ6BW6P285ngEYP4hzb41Cw75JJBLWxKyjLOIkiorWqBeAzHZLzYtrUTgBXTiU0F5zmmW9vo9yGFZlAvszA2k158PD5V4YWoI09-eGqeTc4wBktkncCg6N4RsHzo-LHOqt-A_G020bKVjBDag4AT33iOy0ss7qaRHa6DzzSowohdj78E-WF2pzVTgbCi9SXGYSksTt2Yyncu7vaAnVTyj_-9gSmgO3L6VdVY5FHcI3RTNEW7c45zNP2K3OkNOXqL_FqWiLBOX1G7AgzNSuqbQTbETRG6oCKT5lh_q8QN-3p5UX3ihtlJvBtWWQaQoxpW8QpC5jZEpcDQzRyZhzIUhnosI0TpXzOrqoj0qu2vGgZXf-4X5g0Bjp-nFdf8s7pRIbq7weDogYMATG9uvz96ImkaPk7tVrxaeKIph561yotw9Z-8KtwDts8JGHdemGeaeJ45d5dmrPQbqcDJY8mmW8IFxwEPSoQk3JI_1G_nPCbtLd3ygpnngWO0RWckhMIgJ85u3r9vNP1jcBrrwIcC9xQDi9eMeFRjBjFaQVgjSPQL-GZu0wW1uqdOpdgTL9LCcAF1QvYIdGdwYHlLdHYYJFO5gr9JdiBWBL-Gw9S4AfcXxrj7kbJx353xOXM7bBOYuo_a2mKwTqYF24X0Vk2bFU6jKUflS6sgn7uVz-vhwyHAG07aqcTMwRK6sDTXGxCU5tax78OhGORPcYkUqoqlnf7m5h71mExRAlDOFUeAKRKPhId-ZsayoXjSJojlHbPMDsXVedG-cu0J2XIUea6YwGOYD35pRiWz3xtGq2tpztPagNp9ztF9KN465dSFTsKX-HDRUdwzvWeILpZyvsV_K9b1lW6L_SCELv4_vk9dxMXZvdBJdT_W5GRqidklCqehTPaCG_0cYvcZuClZg9gRjM53iuXz_5MZ0exP84TdDryqa-A5IOdyfnULSf-LxchKBwhPpcs30h9RX2_5ZjN4ChgGRtNdQ1nILfrlgSXdghnZXUHMnblbDzRowMQ30k2Drh0QYWz3y2H8cyfeSec1KUenvdhZ5G4GEYLKw2FppZxu0mGKwG-k5jblfaeQ-3_rd5Zbxvt_xDOEf0QDrzjAkwpxJ3ccv6OHJpjrOBjcQV4bng-tXolmKNbDHdh9syLASfJ1NdYKf4xla_Wdl2751R8E8favJ2SAtNrSws8x82Ruxq56UPA6ILRTCAk0jVWanWcFZrYrbwy8mxuk-tvvGnB6nGlqJrsY1Nss5_5exNG3Wo4i2mS-yYqi91C3Bzkq2MzCq-cdcjlESEhpXGwjdveeGfYJxAwZKFgSu7Hr-4uQ6h0baHqAz-zKOcL3CqqbHifodA4m-13rR0HlCO9-_rv9JddUvmyAnOSZalM0naOsuzMnoM8lxrreJ4hSKZleh7bP6Mc6TibEaY5ka5E-tN_p-HzQFdBwRvRQJfvkFRJLS69EL8RXFPT1romOHI5LB-8_ZLOWwPl9b51KiWFLgdCnqsJ-x7_5m63GvgtD67TEHK5ISXgi8aCH3FpiZtsEHM2LLs-PnX1xAHMkjKQGOwoualtzLet3d0Im_hdc5FbrC2TTcNxEo72-pKIE4wAlweyPAITu5fsq4rZn2pi3Kn60MlxvqqeohfxjOQykcrq2xFtScfn4al95FSixq8Mf_DScDSX-ZBWawXYdpVu3GQ6cByDSp7scb-imfPbwa-q5czaNmiGhE603AmN0RBMo9IIv5ivkyn4BPyMJIKK-P1BvH0V1z9p3aqlr9xhkuS9y3oj1goH23n_OMkKH2DqcDvcONpM3pq1z6KEA6uxI3aNMMZo5puwuNSTbmHootMhycs_auOG0jqGwniTClTs3xfw5EVA_WZgEU0ZHg0Sn78gXsmsA_9Q_HadoY2VXMVfTG8IPGGqRBke5dPTCzJoFvkzRtafV8_8KmHv7l_t_Sfn-AOCxYQtK2rBaiWlXMDdeaNf1lEu43gH7D92iZIWOYweDxvd5apltLonTogNmaC2IA8xv42PKkh3yxDozy6ZqhkA1zJkdnjO9IXER1kATtxyUsqd9GjwXTCWb7CWPsAi67t9zhhyf485quDONCTLLGLvYPsn7AwMQrDqvdhBJzBwnsOhHhXMgs7SVq5o5fPtZAecwftu_uj7-mL_6un4zjx3wdmH7P4gmEApnwai0ZXeULsWpnjJ836tCYR5Pkww-_WbOc45rUK4tSojGB7s6r7NjfcH25F3wczUw2I1uHr2dCL4lcdFfPZIMHZs4xhALMkqoC3GAA7sW4OcNJEKI4sxcV2qQsn21JJYJ27aigQmfw8twvZzlFeQ_ZJ_fCCu2KExSsflbAzIpV29owzO89SVGmyb8sprUFYEq7gRENEIic6MYGNw4TTXk3UVKunQ4exZGntgHvFqIFC57NJqAicxfbbWnx_FC5nv7-KgP5a7WN6Ie5k0wRsCJmOD8cLlCduaqxK6IJxHRU0-gTWgtvybeHavxUQ8TvPA27vaTbwg444eSQk8Sh3Zm2HEfBZngzeg1jA3RqPb7E6oQiIwpX630nLYdIqw6X9VBba_zVeSKwk_N72VmUWkcHEg==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1238302304330752&eclog=0&im=1 | 212.117.190.201 | | 43 B |
URL mpougdusr.com/chicken.gif?z=2020090&pb=c8479f2faab244706e4785765d61d94c1715131673&psp=0bjqy1lko4X2nryeVEzkQtiyghMQ-Eha1jIirvArIEYkxEqXEUDdcT5BzSBPvb9_tXI2lK-4uHfq7xYEiLZg2gKP_Mt4sc02UL8mdFySJoyTv7S4JBRmKwg14lbsit5_NuPVebxYQYZoe30RDxhI3ray16NcG4jTzhLGnusRp8Ezo6wuAFdTXjslPGR1gJ13e0sUYO1VqUP_E33mkK00_GHEqXQJHyy38k2ZlbjKRRbmQpV0GHjh5UgFVWjZ4EV9mNwrVEXKjX5Ene6W_EVvAoJlpmaNSvfCWpsMW_Fzey1L17RAqURvuZr0F18H7C6dn9m0gTKYU-9JOtuV7N0yAw2KKwl-zUp9-9cSfzbr6Dkv6VTh8TRL_J8mrdQQHHVUw9joPNTSdWV1PhO9JJ1jpzjKDC5G8VxD3lNN4hp-ZZYrd7Nt1FAN3_E5rsahAdjg6riH1G-79GEgt2xIScQXewc_2WCBRn4PLw6fqyxL9SirFHG2SocUxqJdrvXY_MVlbzSA5M5M80CDFpkiXApw8POpv_nbh8LzXQE4AP_0_YCgWd_dFxQf2STIL5MCueaiGyW2Bulx68kgeA7GZM5eoRanrUHBZZ-_bW68t5zCUItkv-pwM51Wdn6jGO7gVCzUi-8o2-1vRSVQA4w3KHb7DJ0yCW9PQVZQZZ_WQAzI2T6U9--dGedhnUWqjPkEiwOMifhvhQ09SEowFVijLxYFKdgJa_xMfuXDlcM7bTRz4Vj-YPl5tuplxoFidUycGHpUUMfYZcCCglpjyYSIHlWD9u3q7Mi_7-fZIonU8aYECvIYXlIMe2i1FIdRX5iSaPFd66aEY8YUCfQDegDw1G5KiUFXsOXRmMAc-1YEXFTddbAxbUeyoprXf4mWwHgA3rv5x3eUyhQy0rpQNqlMlUBF-q7FTA0Y4viR4oEjVVqH0YPbbooPt5jylE7C2HsOdSiKsWU6IMljuz9yR5KoaieJ9XKTq45ah9kjVVkNQXw9VZW7fYGRYSHA6RbRP1NN_LCXuKirhN15aaTv-y26yOSpcHNW5KbumpD-cHvn9tsWvpDh8cW-yWIrxLU2X1T6AbcdTF4_aYOTN6KxIZI7FfAKxtfQSbH1_fmIWfZEFmlgc1U5wekZ3tl8Tjqfien41f3USNcBEAo3WhtZctMAxflUK4D26rdq5H2lLhsSyrw7L61ctZ7zWQbIHx2EgvSD7jx_jtYKvVTVsRGHstmavVKPq4t0uu3Jrz914KM5jaP57wsVB_w2aQ_XDKDRBUhcO_JojCrEUR9KVnk7DwcmvOLLd3BVdydvhYRP-0TEDoBc2nCX4Y543loWlLuYOHcQCPRN-MEL5bmU1coHK6_4iccTx111vFKauq9aSG4sAVS1cp5pjtAZ7CIQylGhfno9iNXY7kXmXeDy-pi3EIqilD4OlI7QVfYoEyiUHxOn01C6Fud1SMLGEkJtC2Fo8GuprjOlPVQarflVPH7lirdWFP8L0rZmw1Z4P3a9KElS2x4c7lF1AQMDDmewWEpFE5OAK5GGZ6BW6P285ngEYP4hzb41Cw75JJBLWxKyjLOIkiorWqBeAzHZLzYtrUTgBXTiU0F5zmmW9vo9yGFZlAvszA2k158PD5V4YWoI09-eGqeTc4wBktkncCg6N4RsHzo-LHOqt-A_G020bKVjBDag4AT33iOy0ss7qaRHa6DzzSowohdj78E-WF2pzVTgbCi9SXGYSksTt2Yyncu7vaAnVTyj_-9gSmgO3L6VdVY5FHcI3RTNEW7c45zNP2K3OkNOXqL_FqWiLBOX1G7AgzNSuqbQTbETRG6oCKT5lh_q8QN-3p5UX3ihtlJvBtWWQaQoxpW8QpC5jZEpcDQzRyZhzIUhnosI0TpXzOrqoj0qu2vGgZXf-4X5g0Bjp-nFdf8s7pRIbq7weDogYMATG9uvz96ImkaPk7tVrxaeKIph561yotw9Z-8KtwDts8JGHdemGeaeJ45d5dmrPQbqcDJY8mmW8IFxwEPSoQk3JI_1G_nPCbtLd3ygpnngWO0RWckhMIgJ85u3r9vNP1jcBrrwIcC9xQDi9eMeFRjBjFaQVgjSPQL-GZu0wW1uqdOpdgTL9LCcAF1QvYIdGdwYHlLdHYYJFO5gr9JdiBWBL-Gw9S4AfcXxrj7kbJx353xOXM7bBOYuo_a2mKwTqYF24X0Vk2bFU6jKUflS6sgn7uVz-vhwyHAG07aqcTMwRK6sDTXGxCU5tax78OhGORPcYkUqoqlnf7m5h71mExRAlDOFUeAKRKPhId-ZsayoXjSJojlHbPMDsXVedG-cu0J2XIUea6YwGOYD35pRiWz3xtGq2tpztPagNp9ztF9KN465dSFTsKX-HDRUdwzvWeILpZyvsV_K9b1lW6L_SCELv4_vk9dxMXZvdBJdT_W5GRqidklCqehTPaCG_0cYvcZuClZg9gRjM53iuXz_5MZ0exP84TdDryqa-A5IOdyfnULSf-LxchKBwhPpcs30h9RX2_5ZjN4ChgGRtNdQ1nILfrlgSXdghnZXUHMnblbDzRowMQ30k2Drh0QYWz3y2H8cyfeSec1KUenvdhZ5G4GEYLKw2FppZxu0mGKwG-k5jblfaeQ-3_rd5Zbxvt_xDOEf0QDrzjAkwpxJ3ccv6OHJpjrOBjcQV4bng-tXolmKNbDHdh9syLASfJ1NdYKf4xla_Wdl2751R8E8favJ2SAtNrSws8x82Ruxq56UPA6ILRTCAk0jVWanWcFZrYrbwy8mxuk-tvvGnB6nGlqJrsY1Nss5_5exNG3Wo4i2mS-yYqi91C3Bzkq2MzCq-cdcjlESEhpXGwjdveeGfYJxAwZKFgSu7Hr-4uQ6h0baHqAz-zKOcL3CqqbHifodA4m-13rR0HlCO9-_rv9JddUvmyAnOSZalM0naOsuzMnoM8lxrreJ4hSKZleh7bP6Mc6TibEaY5ka5E-tN_p-HzQFdBwRvRQJfvkFRJLS69EL8RXFPT1romOHI5LB-8_ZLOWwPl9b51KiWFLgdCnqsJ-x7_5m63GvgtD67TEHK5ISXgi8aCH3FpiZtsEHM2LLs-PnX1xAHMkjKQGOwoualtzLet3d0Im_hdc5FbrC2TTcNxEo72-pKIE4wAlweyPAITu5fsq4rZn2pi3Kn60MlxvqqeohfxjOQykcrq2xFtScfn4al95FSixq8Mf_DScDSX-ZBWawXYdpVu3GQ6cByDSp7scb-imfPbwa-q5czaNmiGhE603AmN0RBMo9IIv5ivkyn4BPyMJIKK-P1BvH0V1z9p3aqlr9xhkuS9y3oj1goH23n_OMkKH2DqcDvcONpM3pq1z6KEA6uxI3aNMMZo5puwuNSTbmHootMhycs_auOG0jqGwniTClTs3xfw5EVA_WZgEU0ZHg0Sn78gXsmsA_9Q_HadoY2VXMVfTG8IPGGqRBke5dPTCzJoFvkzRtafV8_8KmHv7l_t_Sfn-AOCxYQtK2rBaiWlXMDdeaNf1lEu43gH7D92iZIWOYweDxvd5apltLonTogNmaC2IA8xv42PKkh3yxDozy6ZqhkA1zJkdnjO9IXER1kATtxyUsqd9GjwXTCWb7CWPsAi67t9zhhyf485quDONCTLLGLvYPsn7AwMQrDqvdhBJzBwnsOhHhXMgs7SVq5o5fPtZAecwftu_uj7-mL_6un4zjx3wdmH7P4gmEApnwai0ZXeULsWpnjJ836tCYR5Pkww-_WbOc45rUK4tSojGB7s6r7NjfcH25F3wczUw2I1uHr2dCL4lcdFfPZIMHZs4xhALMkqoC3GAA7sW4OcNJEKI4sxcV2qQsn21JJYJ27aigQmfw8twvZzlFeQ_ZJ_fCCu2KExSsflbAzIpV29owzO89SVGmyb8sprUFYEq7gRENEIic6MYGNw4TTXk3UVKunQ4exZGntgHvFqIFC57NJqAicxfbbWnx_FC5nv7-KgP5a7WN6Ie5k0wRsCJmOD8cLlCduaqxK6IJxHRU0-gTWgtvybeHavxUQ8TvPA27vaTbwg444eSQk8Sh3Zm2HEfBZngzeg1jA3RqPb7E6oQiIwpX630nLYdIqw6X9VBba_zVeSKwk_N72VmUWkcHEg==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1238302304330752&eclog=0&im=1 IP212.117.190.201:0
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=2020090&pb=c8479f2faab244706e4785765d61d94c1715131673&psp=0bjqy1lko4X2nryeVEzkQtiyghMQ-Eha1jIirvArIEYkxEqXEUDdcT5BzSBPvb9_tXI2lK-4uHfq7xYEiLZg2gKP_Mt4sc02UL8mdFySJoyTv7S4JBRmKwg14lbsit5_NuPVebxYQYZoe30RDxhI3ray16NcG4jTzhLGnusRp8Ezo6wuAFdTXjslPGR1gJ13e0sUYO1VqUP_E33mkK00_GHEqXQJHyy38k2ZlbjKRRbmQpV0GHjh5UgFVWjZ4EV9mNwrVEXKjX5Ene6W_EVvAoJlpmaNSvfCWpsMW_Fzey1L17RAqURvuZr0F18H7C6dn9m0gTKYU-9JOtuV7N0yAw2KKwl-zUp9-9cSfzbr6Dkv6VTh8TRL_J8mrdQQHHVUw9joPNTSdWV1PhO9JJ1jpzjKDC5G8VxD3lNN4hp-ZZYrd7Nt1FAN3_E5rsahAdjg6riH1G-79GEgt2xIScQXewc_2WCBRn4PLw6fqyxL9SirFHG2SocUxqJdrvXY_MVlbzSA5M5M80CDFpkiXApw8POpv_nbh8LzXQE4AP_0_YCgWd_dFxQf2STIL5MCueaiGyW2Bulx68kgeA7GZM5eoRanrUHBZZ-_bW68t5zCUItkv-pwM51Wdn6jGO7gVCzUi-8o2-1vRSVQA4w3KHb7DJ0yCW9PQVZQZZ_WQAzI2T6U9--dGedhnUWqjPkEiwOMifhvhQ09SEowFVijLxYFKdgJa_xMfuXDlcM7bTRz4Vj-YPl5tuplxoFidUycGHpUUMfYZcCCglpjyYSIHlWD9u3q7Mi_7-fZIonU8aYECvIYXlIMe2i1FIdRX5iSaPFd66aEY8YUCfQDegDw1G5KiUFXsOXRmMAc-1YEXFTddbAxbUeyoprXf4mWwHgA3rv5x3eUyhQy0rpQNqlMlUBF-q7FTA0Y4viR4oEjVVqH0YPbbooPt5jylE7C2HsOdSiKsWU6IMljuz9yR5KoaieJ9XKTq45ah9kjVVkNQXw9VZW7fYGRYSHA6RbRP1NN_LCXuKirhN15aaTv-y26yOSpcHNW5KbumpD-cHvn9tsWvpDh8cW-yWIrxLU2X1T6AbcdTF4_aYOTN6KxIZI7FfAKxtfQSbH1_fmIWfZEFmlgc1U5wekZ3tl8Tjqfien41f3USNcBEAo3WhtZctMAxflUK4D26rdq5H2lLhsSyrw7L61ctZ7zWQbIHx2EgvSD7jx_jtYKvVTVsRGHstmavVKPq4t0uu3Jrz914KM5jaP57wsVB_w2aQ_XDKDRBUhcO_JojCrEUR9KVnk7DwcmvOLLd3BVdydvhYRP-0TEDoBc2nCX4Y543loWlLuYOHcQCPRN-MEL5bmU1coHK6_4iccTx111vFKauq9aSG4sAVS1cp5pjtAZ7CIQylGhfno9iNXY7kXmXeDy-pi3EIqilD4OlI7QVfYoEyiUHxOn01C6Fud1SMLGEkJtC2Fo8GuprjOlPVQarflVPH7lirdWFP8L0rZmw1Z4P3a9KElS2x4c7lF1AQMDDmewWEpFE5OAK5GGZ6BW6P285ngEYP4hzb41Cw75JJBLWxKyjLOIkiorWqBeAzHZLzYtrUTgBXTiU0F5zmmW9vo9yGFZlAvszA2k158PD5V4YWoI09-eGqeTc4wBktkncCg6N4RsHzo-LHOqt-A_G020bKVjBDag4AT33iOy0ss7qaRHa6DzzSowohdj78E-WF2pzVTgbCi9SXGYSksTt2Yyncu7vaAnVTyj_-9gSmgO3L6VdVY5FHcI3RTNEW7c45zNP2K3OkNOXqL_FqWiLBOX1G7AgzNSuqbQTbETRG6oCKT5lh_q8QN-3p5UX3ihtlJvBtWWQaQoxpW8QpC5jZEpcDQzRyZhzIUhnosI0TpXzOrqoj0qu2vGgZXf-4X5g0Bjp-nFdf8s7pRIbq7weDogYMATG9uvz96ImkaPk7tVrxaeKIph561yotw9Z-8KtwDts8JGHdemGeaeJ45d5dmrPQbqcDJY8mmW8IFxwEPSoQk3JI_1G_nPCbtLd3ygpnngWO0RWckhMIgJ85u3r9vNP1jcBrrwIcC9xQDi9eMeFRjBjFaQVgjSPQL-GZu0wW1uqdOpdgTL9LCcAF1QvYIdGdwYHlLdHYYJFO5gr9JdiBWBL-Gw9S4AfcXxrj7kbJx353xOXM7bBOYuo_a2mKwTqYF24X0Vk2bFU6jKUflS6sgn7uVz-vhwyHAG07aqcTMwRK6sDTXGxCU5tax78OhGORPcYkUqoqlnf7m5h71mExRAlDOFUeAKRKPhId-ZsayoXjSJojlHbPMDsXVedG-cu0J2XIUea6YwGOYD35pRiWz3xtGq2tpztPagNp9ztF9KN465dSFTsKX-HDRUdwzvWeILpZyvsV_K9b1lW6L_SCELv4_vk9dxMXZvdBJdT_W5GRqidklCqehTPaCG_0cYvcZuClZg9gRjM53iuXz_5MZ0exP84TdDryqa-A5IOdyfnULSf-LxchKBwhPpcs30h9RX2_5ZjN4ChgGRtNdQ1nILfrlgSXdghnZXUHMnblbDzRowMQ30k2Drh0QYWz3y2H8cyfeSec1KUenvdhZ5G4GEYLKw2FppZxu0mGKwG-k5jblfaeQ-3_rd5Zbxvt_xDOEf0QDrzjAkwpxJ3ccv6OHJpjrOBjcQV4bng-tXolmKNbDHdh9syLASfJ1NdYKf4xla_Wdl2751R8E8favJ2SAtNrSws8x82Ruxq56UPA6ILRTCAk0jVWanWcFZrYrbwy8mxuk-tvvGnB6nGlqJrsY1Nss5_5exNG3Wo4i2mS-yYqi91C3Bzkq2MzCq-cdcjlESEhpXGwjdveeGfYJxAwZKFgSu7Hr-4uQ6h0baHqAz-zKOcL3CqqbHifodA4m-13rR0HlCO9-_rv9JddUvmyAnOSZalM0naOsuzMnoM8lxrreJ4hSKZleh7bP6Mc6TibEaY5ka5E-tN_p-HzQFdBwRvRQJfvkFRJLS69EL8RXFPT1romOHI5LB-8_ZLOWwPl9b51KiWFLgdCnqsJ-x7_5m63GvgtD67TEHK5ISXgi8aCH3FpiZtsEHM2LLs-PnX1xAHMkjKQGOwoualtzLet3d0Im_hdc5FbrC2TTcNxEo72-pKIE4wAlweyPAITu5fsq4rZn2pi3Kn60MlxvqqeohfxjOQykcrq2xFtScfn4al95FSixq8Mf_DScDSX-ZBWawXYdpVu3GQ6cByDSp7scb-imfPbwa-q5czaNmiGhE603AmN0RBMo9IIv5ivkyn4BPyMJIKK-P1BvH0V1z9p3aqlr9xhkuS9y3oj1goH23n_OMkKH2DqcDvcONpM3pq1z6KEA6uxI3aNMMZo5puwuNSTbmHootMhycs_auOG0jqGwniTClTs3xfw5EVA_WZgEU0ZHg0Sn78gXsmsA_9Q_HadoY2VXMVfTG8IPGGqRBke5dPTCzJoFvkzRtafV8_8KmHv7l_t_Sfn-AOCxYQtK2rBaiWlXMDdeaNf1lEu43gH7D92iZIWOYweDxvd5apltLonTogNmaC2IA8xv42PKkh3yxDozy6ZqhkA1zJkdnjO9IXER1kATtxyUsqd9GjwXTCWb7CWPsAi67t9zhhyf485quDONCTLLGLvYPsn7AwMQrDqvdhBJzBwnsOhHhXMgs7SVq5o5fPtZAecwftu_uj7-mL_6un4zjx3wdmH7P4gmEApnwai0ZXeULsWpnjJ836tCYR5Pkww-_WbOc45rUK4tSojGB7s6r7NjfcH25F3wczUw2I1uHr2dCL4lcdFfPZIMHZs4xhALMkqoC3GAA7sW4OcNJEKI4sxcV2qQsn21JJYJ27aigQmfw8twvZzlFeQ_ZJ_fCCu2KExSsflbAzIpV29owzO89SVGmyb8sprUFYEq7gRENEIic6MYGNw4TTXk3UVKunQ4exZGntgHvFqIFC57NJqAicxfbbWnx_FC5nv7-KgP5a7WN6Ie5k0wRsCJmOD8cLlCduaqxK6IJxHRU0-gTWgtvybeHavxUQ8TvPA27vaTbwg444eSQk8Sh3Zm2HEfBZngzeg1jA3RqPb7E6oQiIwpX630nLYdIqw6X9VBba_zVeSKwk_N72VmUWkcHEg==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1238302304330752&eclog=0&im=1 HTTP/1.1
Host: mpougdusr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=2405071827af50769ef3904cbbb94baf7d2c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 23:27:55 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACl2VgAAAAAAAAAB; Path=/; Expires=Thu, 06 Jun 2024 23:27:55 GMT; Secure; SameSite=None
OACIBLOCK=ACl2VgAAAABmOrJw; Path=/; Expires=Thu, 06 Jun 2024 23:27:55 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/videos/1713336224_20325cad90c23d5e.mp4 | 104.21.40.89 | 206 Partial Content | 519 kB |
URL GET HTTP/3www.amdahost.com/videos/1713336224_20325cad90c23d5e.mp4 IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Size519 kB (519445 bytes) Hashe79318040592e17a4214f58c5684bc6c fc802f9a6310ab8af354238a298fcf25e0a4ea33 e88d5fc56cce16fcf4f6197b43f8a43880aaffed6a0a864d82c2e3ae8048c215
GET /videos/1713336224_20325cad90c23d5e.mp4 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=33816576-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=6777cbdbc1
Cookie: PHPSESSID=65ec04d2b12f2693bf77151d9ae9cad7
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Tue, 07 May 2024 23:27:56 GMT
content-type: video/mp4
content-length: 519445
etag: "20bed15-661f6fcb-8c2d40;;;"
last-modified: Wed, 17 Apr 2024 06:44:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
content-range: bytes 33816576-34336020/34336021
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R0PWkG7Bgv5h5U69KUAiFgWVV6pJBb6DBguFl2Tb3OlFIN0mQ6l3RP4SJncyRVKmp5e6cfiZqt9kmOO%2BTk%2F7rbuLRmW%2BLNzyvWcpSBskFcncq0%2BclVbCzNCQOjPICCMuj2an"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804fbbb587e56bb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| storage.multstorage.com/log/count.html | 104.21.30.242 | 200 OK | 1.0 kB |
URL GET HTTP/2storage.multstorage.com/log/count.html IP104.21.30.242:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerGoogle Trust Services LLC Subjectmultstorage.com Fingerprint63:F0:24:29:21:22:E5:42:33:61:B5:20:05:1B:EF:36:81:F5:7B:0A ValiditySun, 17 Mar 2024 08:38:54 GMT - Sat, 15 Jun 2024 08:38:53 GMT
File typeHTML document, ASCII text, with very long lines (700) Hashb728ca9cd183d1b7c3f72116b19b22a3 c1fd73f6b02cf00b8bc60b09cc99495e8494b739 8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 23:27:54 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: 0fb5c88fd5a96a597d638f3fd6679b52
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G4Mb5VB3fvLjA6oEN1lQFXXh59Wm35j9SBM0XT%2FcLnxf762fq%2BoG4Gj39ktSRiTUETOzAspLyqK%2Fsbrhy9OLwc6CuBv9bOE7g4axFIbowGl3SglfBKpe1rO3EISawkfqKRy3K2P9GsNB6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804fbbe0a6b56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 172.67.164.241 | 301 Moved Permanently | 162 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP172.67.164.241:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Tue, 07 May 2024 23:27:55 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3hSryMYNz8vTUuJjvsTNxwNd9K%2BFkonrtc4OZb7mbKMuw4JK1cI%2BKe0hZFMpY%2Bjp9%2BmkWB%2BWyTSlwe7PgnZD9fwUfLTI7dSKEpHH1UB6mioYnCJgYNGGX0yqL61yAqlc8VVfFkZO7niljA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804fbc5abbb56a2-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mbdippex.com/in/show/?tag_ab=d&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D6777cbdbc1&refdom=www.amdahost.com&auction_time=1715124475&subid=1211831614&sid=666637710&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D6777cbdbc1%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D6777cbdbc1%26idzone%3D0%26sid%3D1886&icons=60TZBp-Yxsxs4ljuw0A3svUrogi-RgB7SAz8owqVDez88rUDESTQPiN1Mmp8Lk9N3mtTD46rbm8vKh9RTOI3yaaMsEvKPZyBHaL1CfZg7M-PRJTOeBSYmLVKadP6MQyVO4v0ZiHnUKdJqO-nhijeIjLM0f7mZMXDqdpVqOehaijM2Hd8gQ&ext_cid=0&px_id=560190&min_cpm=0.09202600495639769&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=7931117125456072275&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.01833480080300468&cpm=0&verify_hash=303d952d6e0e15bf76ae180f87fc48fc&is_native=4&real_bid=0.0005512485692561568&original_bid_usd=0.002766826&original_bid=0.002766826&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=27,108,0,114,20&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.002766826&hostname=auc-inpage-hz-2-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027668260000000002&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.04&cpa=ac38118e-b7a3-439b-9809-0c3cfcb1da6a&prev_step_diff=1365 | 167.235.163.216 | | 0 B |
URL mbdippex.com/in/show/?tag_ab=d&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D6777cbdbc1&refdom=www.amdahost.com&auction_time=1715124475&subid=1211831614&sid=666637710&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D6777cbdbc1%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D6777cbdbc1%26idzone%3D0%26sid%3D1886&icons=60TZBp-Yxsxs4ljuw0A3svUrogi-RgB7SAz8owqVDez88rUDESTQPiN1Mmp8Lk9N3mtTD46rbm8vKh9RTOI3yaaMsEvKPZyBHaL1CfZg7M-PRJTOeBSYmLVKadP6MQyVO4v0ZiHnUKdJqO-nhijeIjLM0f7mZMXDqdpVqOehaijM2Hd8gQ&ext_cid=0&px_id=560190&min_cpm=0.09202600495639769&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=7931117125456072275&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.01833480080300468&cpm=0&verify_hash=303d952d6e0e15bf76ae180f87fc48fc&is_native=4&real_bid=0.0005512485692561568&original_bid_usd=0.002766826&original_bid=0.002766826&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=27,108,0,114,20&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.002766826&hostname=auc-inpage-hz-2-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027668260000000002&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.04&cpa=ac38118e-b7a3-439b-9809-0c3cfcb1da6a&prev_step_diff=1365 IP167.235.163.216:0 ASN#24940 Hetzner Online GmbH
CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=d&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D6777cbdbc1&refdom=www.amdahost.com&auction_time=1715124475&subid=1211831614&sid=666637710&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D6777cbdbc1%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D6777cbdbc1%26idzone%3D0%26sid%3D1886&icons=60TZBp-Yxsxs4ljuw0A3svUrogi-RgB7SAz8owqVDez88rUDESTQPiN1Mmp8Lk9N3mtTD46rbm8vKh9RTOI3yaaMsEvKPZyBHaL1CfZg7M-PRJTOeBSYmLVKadP6MQyVO4v0ZiHnUKdJqO-nhijeIjLM0f7mZMXDqdpVqOehaijM2Hd8gQ&ext_cid=0&px_id=560190&min_cpm=0.09202600495639769&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=7931117125456072275&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.01833480080300468&cpm=0&verify_hash=303d952d6e0e15bf76ae180f87fc48fc&is_native=4&real_bid=0.0005512485692561568&original_bid_usd=0.002766826&original_bid=0.002766826&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=27,108,0,114,20&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.002766826&hostname=auc-inpage-hz-2-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027668260000000002&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.04&cpa=ac38118e-b7a3-439b-9809-0c3cfcb1da6a&prev_step_diff=1365 HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 23:27:56 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| mbdippex.com/in/show/?tag_ab=d&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D6777cbdbc1&refdom=www.amdahost.com&auction_time=1715124475&subid=1211831614&sid=666637710&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D6777cbdbc1%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=333d38b3bc9943d095fc32394c335cca&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DDW-ghfR9rgLwtd-anfAr4clplTJtq4nio4pAENX5EYb5u0sVtqOwLVHciCNA_oUUW1ePnIjdSzTwHCEXqlsOW59faZY0dVvYm_RiFC1s7MqZiLvmwE0taqCj29imdhlaoAlVZxjL1zm28lKY-cO41OH8zM18gb1Dw4S4q7R4ar_ODLl3QZoWMG2Kpz6lvK0AaKjbpYiQuQ-t4C-2Ry9gxKfGmGbq7Zof8YkclZElV5I6e4MWzNJWmXs1v5DPXtECrs0yWq0twOGdnvzjRY_ABa06RhiEVcIx3LpV3GHE7CBajqHiOUlml7SK5pT756ZwwjLJiUebOPm0viaIwdOWjh_SamwbLO-Ta_DZpbiUNb2wf56bOc0_vAno3IrZDonq0-jgrHetP8VoEMf_3T8vpi1qiDMcx-JO8-tT4mlMoIeZz62Q_SIuMRNWgvySfvS1AGsJOWwBF7-_aGe3_IQ1Z_iBCGtmcMCIE7AEA4jwgCGUWVKt2j_WkSXUpnJK_AVQ3eZrfGql7eZX8qfhCTTSHFxN87_THX6-T_Ts1j0AIB0ZYYEZaXkYQGNZa3JLLec6GjDOC1oW1DhgAhpiB8sRZiHKQ_GxdobMLF_e8ws36gSrsHWbOkMpcqPR9XIZVKIW9WIscuDWNhGd11IDJtEWj0760aGQ9lLs--YuSEmnSy6YSvLMB3aio1RUonsCn-FzWU8KwYHicwLqXSJZu1MicBiMHkMX70TgprrklBKP4SLzt0GnnaUiV_rAJz2YwFrvwWZ5FjzJ8b2m21KScF-MZrxad_GeJBzGm6ZbT2irMeHBVnjI6cEnBf1HefSjqDt3oWQ745VmGrxjWaT-kUqJj5RnUSELimysKTO3w8Dym06SCGHPts44uDZlHS-BDgD9PUMKfa4yV2TVDvQYhMzeNLy6evJLfhU2qowMOiMBuhJPvWqb5fUioty6bufkzs2cDUj6EPH1ff3pyHyGjS3t3faXAm2CdSvkMVkYepsvd8N3vPhrjQcUqCFV7vLY3srZ0rSt0PmIrASbetY8Ry-jIgUPBX2gWEs8qoMGVNoewGAvI0j31d4J9PFo57aGIs56orvgf6lDLHIqMgYFJmGTUUSKEusv_3gOTsOKnn3CQiGYqA4KFFZMphw7oKdP9G5E5gDmwQD0P4vzQzVu7K2uQQoWVXOcPNcS1T9WQDOG--abB3ipTCQ1tlheLy1-oR8CSnZ8wgZOpGz_VSUB9xSki1omixuiwAWBczosgRWj2pPPBIB_YoEbpD3o0oI3dZceSmv7i1ECsutRz6U3Sr1E8eNtAFJoMwaCeqmxpm-tyh3fB4gW%26bid%3D0.022404937514462136&icons=sZFwritBb-WZ4BjGr_aJRtvOpXfn8CgJdqBuRu04ZA838W4uFARJSRWZma8N4Gbfmu8Txp6wCGHwo5zoB08-i1lgvW20N0guy5gBhLJLQFgIfREk3iFcxRkaPn99kZtrGOP1MAno7jsDzZ3nUxVGCbFIc1qLlxnqLXE9_Rjtr4-KK32B9WIsnBNIz8RMybDbt_UrperaDJzUdgMcHAF_SFiz1C2ORgYiVBGKAkzeiwuDL2jLlSyCF6e-bQ9cWE1Ax55XXkBFENPwXVkNhIqeEtAMXctBgCO10vSA5--SkWch3ODpIK1lQH5Sbh5j6sKhsnKE-n5mbKbZKz-LMaW_2sne0mqd42LxPdb-zBkDpXOJ_H9QHGZuc3u_EMBkphjPXPk0f3sC_2GpeeC7C2mpcuI0oYlWUSa3M8J8jk9AHWEsvUY8Y-Of8vozNjBc-keUU_HaJZLdLnI1OZK_DmuVl0_98Xj2wzPD7RWttfwmL7uaLa6xcNBvWYKAX7Sgi_zrjBYoasMQk-Vu_r2vDN_YdCkU3QJpGH6y1XnqD7HocHMUd3HO9trVqI6QTM3o7XSJjyN6JTiXVW5P3eCywx3Fmt9t66AenDS7EnWGymwHu-jEZTMJjXkH4_nSUTmU1kN0jewBJvMroJuQj5EAMw9Rf6PYA_p48jvVwYD7dSAE835I5RoBHfcFtvnCbu67d9Vs7W2NbD47qX4Jct4LgiFCjs55uudm4vp4Qnef5R-ykCaSZXTUDgcM6KJbLNyci5qrIt286LKY6oqYiLh_3-xUAgosYGXogxUfWfv0P6VH7_Niz7PRVcccK2Kp1eJHWTdZVFqqsMtI7rK_RUToe4wYw2dA3tpTqgDa90XwhmWOOeZ80ftKQrd8BunhnWYrtoXPbI7WhNRZyD07y_9v9Zqc9Xk2Fqme9SUBc8onxhIEhnc9TZmOcyG6VXdltAWth6OhaE0CsZbw3umwWB81JdzKc-agrt3LeIWDpzB4GLk7XDCEAci334dAniG3QaRXN7mpr55ntk04d-6WT733cavCnBtkB9p2oDBl3Veid295mWgZl88FDIntnEiCJSa_J_qZoOZQKFaahO9MAtg2z01p4_bEqqugoubJchzkTIoK8K2O1MvAyrdBHLVOCeIU9HAXcW5JK9egAPw3eeVdpXHKOcTVhHOWBWqNJEzcSn-1xsRSveLhZwHswKN4-vjv2PD_Yts3Uqwkm9Vzal9yHW2yK-Qf5Hcp6dbcVibFy-sRHYBEKIaa9vALpEr5QoL2MiByO9a_wclk2deheYocl9UQmKSmOa3Q5Jl9YTJj4qnwQIAm4V0AjNDW&ext_cid=224906&px_id=73560190&min_cpm=0.0038056059314455102&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=7931117125456072275&skin_id=72&vertical_id=4&skin_test=0&from_cache=0&ecpm=0.03176602058410654&cpm=0.022404937514462136&verify_hash=a214b0640f7ab4b8f3d91d0d650003e8&is_native=1&real_bid=0.022310837187148123&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=5,33,98,130,4,90&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=1715297275&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777156%2Fconversions%2F3b69WTpe-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-2-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.04&cpa=1f4c7d23-ed6d-4a46-b75a-56a5cc123c0a&prev_step_diff=1365 | 167.235.163.216 | | 0 B |
URL mbdippex.com/in/show/?tag_ab=d&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D6777cbdbc1&refdom=www.amdahost.com&auction_time=1715124475&subid=1211831614&sid=666637710&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D6777cbdbc1%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=333d38b3bc9943d095fc32394c335cca&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DDW-ghfR9rgLwtd-anfAr4clplTJtq4nio4pAENX5EYb5u0sVtqOwLVHciCNA_oUUW1ePnIjdSzTwHCEXqlsOW59faZY0dVvYm_RiFC1s7MqZiLvmwE0taqCj29imdhlaoAlVZxjL1zm28lKY-cO41OH8zM18gb1Dw4S4q7R4ar_ODLl3QZoWMG2Kpz6lvK0AaKjbpYiQuQ-t4C-2Ry9gxKfGmGbq7Zof8YkclZElV5I6e4MWzNJWmXs1v5DPXtECrs0yWq0twOGdnvzjRY_ABa06RhiEVcIx3LpV3GHE7CBajqHiOUlml7SK5pT756ZwwjLJiUebOPm0viaIwdOWjh_SamwbLO-Ta_DZpbiUNb2wf56bOc0_vAno3IrZDonq0-jgrHetP8VoEMf_3T8vpi1qiDMcx-JO8-tT4mlMoIeZz62Q_SIuMRNWgvySfvS1AGsJOWwBF7-_aGe3_IQ1Z_iBCGtmcMCIE7AEA4jwgCGUWVKt2j_WkSXUpnJK_AVQ3eZrfGql7eZX8qfhCTTSHFxN87_THX6-T_Ts1j0AIB0ZYYEZaXkYQGNZa3JLLec6GjDOC1oW1DhgAhpiB8sRZiHKQ_GxdobMLF_e8ws36gSrsHWbOkMpcqPR9XIZVKIW9WIscuDWNhGd11IDJtEWj0760aGQ9lLs--YuSEmnSy6YSvLMB3aio1RUonsCn-FzWU8KwYHicwLqXSJZu1MicBiMHkMX70TgprrklBKP4SLzt0GnnaUiV_rAJz2YwFrvwWZ5FjzJ8b2m21KScF-MZrxad_GeJBzGm6ZbT2irMeHBVnjI6cEnBf1HefSjqDt3oWQ745VmGrxjWaT-kUqJj5RnUSELimysKTO3w8Dym06SCGHPts44uDZlHS-BDgD9PUMKfa4yV2TVDvQYhMzeNLy6evJLfhU2qowMOiMBuhJPvWqb5fUioty6bufkzs2cDUj6EPH1ff3pyHyGjS3t3faXAm2CdSvkMVkYepsvd8N3vPhrjQcUqCFV7vLY3srZ0rSt0PmIrASbetY8Ry-jIgUPBX2gWEs8qoMGVNoewGAvI0j31d4J9PFo57aGIs56orvgf6lDLHIqMgYFJmGTUUSKEusv_3gOTsOKnn3CQiGYqA4KFFZMphw7oKdP9G5E5gDmwQD0P4vzQzVu7K2uQQoWVXOcPNcS1T9WQDOG--abB3ipTCQ1tlheLy1-oR8CSnZ8wgZOpGz_VSUB9xSki1omixuiwAWBczosgRWj2pPPBIB_YoEbpD3o0oI3dZceSmv7i1ECsutRz6U3Sr1E8eNtAFJoMwaCeqmxpm-tyh3fB4gW%26bid%3D0.022404937514462136&icons=sZFwritBb-WZ4BjGr_aJRtvOpXfn8CgJdqBuRu04ZA838W4uFARJSRWZma8N4Gbfmu8Txp6wCGHwo5zoB08-i1lgvW20N0guy5gBhLJLQFgIfREk3iFcxRkaPn99kZtrGOP1MAno7jsDzZ3nUxVGCbFIc1qLlxnqLXE9_Rjtr4-KK32B9WIsnBNIz8RMybDbt_UrperaDJzUdgMcHAF_SFiz1C2ORgYiVBGKAkzeiwuDL2jLlSyCF6e-bQ9cWE1Ax55XXkBFENPwXVkNhIqeEtAMXctBgCO10vSA5--SkWch3ODpIK1lQH5Sbh5j6sKhsnKE-n5mbKbZKz-LMaW_2sne0mqd42LxPdb-zBkDpXOJ_H9QHGZuc3u_EMBkphjPXPk0f3sC_2GpeeC7C2mpcuI0oYlWUSa3M8J8jk9AHWEsvUY8Y-Of8vozNjBc-keUU_HaJZLdLnI1OZK_DmuVl0_98Xj2wzPD7RWttfwmL7uaLa6xcNBvWYKAX7Sgi_zrjBYoasMQk-Vu_r2vDN_YdCkU3QJpGH6y1XnqD7HocHMUd3HO9trVqI6QTM3o7XSJjyN6JTiXVW5P3eCywx3Fmt9t66AenDS7EnWGymwHu-jEZTMJjXkH4_nSUTmU1kN0jewBJvMroJuQj5EAMw9Rf6PYA_p48jvVwYD7dSAE835I5RoBHfcFtvnCbu67d9Vs7W2NbD47qX4Jct4LgiFCjs55uudm4vp4Qnef5R-ykCaSZXTUDgcM6KJbLNyci5qrIt286LKY6oqYiLh_3-xUAgosYGXogxUfWfv0P6VH7_Niz7PRVcccK2Kp1eJHWTdZVFqqsMtI7rK_RUToe4wYw2dA3tpTqgDa90XwhmWOOeZ80ftKQrd8BunhnWYrtoXPbI7WhNRZyD07y_9v9Zqc9Xk2Fqme9SUBc8onxhIEhnc9TZmOcyG6VXdltAWth6OhaE0CsZbw3umwWB81JdzKc-agrt3LeIWDpzB4GLk7XDCEAci334dAniG3QaRXN7mpr55ntk04d-6WT733cavCnBtkB9p2oDBl3Veid295mWgZl88FDIntnEiCJSa_J_qZoOZQKFaahO9MAtg2z01p4_bEqqugoubJchzkTIoK8K2O1MvAyrdBHLVOCeIU9HAXcW5JK9egAPw3eeVdpXHKOcTVhHOWBWqNJEzcSn-1xsRSveLhZwHswKN4-vjv2PD_Yts3Uqwkm9Vzal9yHW2yK-Qf5Hcp6dbcVibFy-sRHYBEKIaa9vALpEr5QoL2MiByO9a_wclk2deheYocl9UQmKSmOa3Q5Jl9YTJj4qnwQIAm4V0AjNDW&ext_cid=224906&px_id=73560190&min_cpm=0.0038056059314455102&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=7931117125456072275&skin_id=72&vertical_id=4&skin_test=0&from_cache=0&ecpm=0.03176602058410654&cpm=0.022404937514462136&verify_hash=a214b0640f7ab4b8f3d91d0d650003e8&is_native=1&real_bid=0.022310837187148123&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=5,33,98,130,4,90&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=1715297275&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777156%2Fconversions%2F3b69WTpe-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-2-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.04&cpa=1f4c7d23-ed6d-4a46-b75a-56a5cc123c0a&prev_step_diff=1365 IP167.235.163.216:0 ASN#24940 Hetzner Online GmbH
CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=d&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D6777cbdbc1&refdom=www.amdahost.com&auction_time=1715124475&subid=1211831614&sid=666637710&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D6777cbdbc1%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=333d38b3bc9943d095fc32394c335cca&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DDW-ghfR9rgLwtd-anfAr4clplTJtq4nio4pAENX5EYb5u0sVtqOwLVHciCNA_oUUW1ePnIjdSzTwHCEXqlsOW59faZY0dVvYm_RiFC1s7MqZiLvmwE0taqCj29imdhlaoAlVZxjL1zm28lKY-cO41OH8zM18gb1Dw4S4q7R4ar_ODLl3QZoWMG2Kpz6lvK0AaKjbpYiQuQ-t4C-2Ry9gxKfGmGbq7Zof8YkclZElV5I6e4MWzNJWmXs1v5DPXtECrs0yWq0twOGdnvzjRY_ABa06RhiEVcIx3LpV3GHE7CBajqHiOUlml7SK5pT756ZwwjLJiUebOPm0viaIwdOWjh_SamwbLO-Ta_DZpbiUNb2wf56bOc0_vAno3IrZDonq0-jgrHetP8VoEMf_3T8vpi1qiDMcx-JO8-tT4mlMoIeZz62Q_SIuMRNWgvySfvS1AGsJOWwBF7-_aGe3_IQ1Z_iBCGtmcMCIE7AEA4jwgCGUWVKt2j_WkSXUpnJK_AVQ3eZrfGql7eZX8qfhCTTSHFxN87_THX6-T_Ts1j0AIB0ZYYEZaXkYQGNZa3JLLec6GjDOC1oW1DhgAhpiB8sRZiHKQ_GxdobMLF_e8ws36gSrsHWbOkMpcqPR9XIZVKIW9WIscuDWNhGd11IDJtEWj0760aGQ9lLs--YuSEmnSy6YSvLMB3aio1RUonsCn-FzWU8KwYHicwLqXSJZu1MicBiMHkMX70TgprrklBKP4SLzt0GnnaUiV_rAJz2YwFrvwWZ5FjzJ8b2m21KScF-MZrxad_GeJBzGm6ZbT2irMeHBVnjI6cEnBf1HefSjqDt3oWQ745VmGrxjWaT-kUqJj5RnUSELimysKTO3w8Dym06SCGHPts44uDZlHS-BDgD9PUMKfa4yV2TVDvQYhMzeNLy6evJLfhU2qowMOiMBuhJPvWqb5fUioty6bufkzs2cDUj6EPH1ff3pyHyGjS3t3faXAm2CdSvkMVkYepsvd8N3vPhrjQcUqCFV7vLY3srZ0rSt0PmIrASbetY8Ry-jIgUPBX2gWEs8qoMGVNoewGAvI0j31d4J9PFo57aGIs56orvgf6lDLHIqMgYFJmGTUUSKEusv_3gOTsOKnn3CQiGYqA4KFFZMphw7oKdP9G5E5gDmwQD0P4vzQzVu7K2uQQoWVXOcPNcS1T9WQDOG--abB3ipTCQ1tlheLy1-oR8CSnZ8wgZOpGz_VSUB9xSki1omixuiwAWBczosgRWj2pPPBIB_YoEbpD3o0oI3dZceSmv7i1ECsutRz6U3Sr1E8eNtAFJoMwaCeqmxpm-tyh3fB4gW%26bid%3D0.022404937514462136&icons=sZFwritBb-WZ4BjGr_aJRtvOpXfn8CgJdqBuRu04ZA838W4uFARJSRWZma8N4Gbfmu8Txp6wCGHwo5zoB08-i1lgvW20N0guy5gBhLJLQFgIfREk3iFcxRkaPn99kZtrGOP1MAno7jsDzZ3nUxVGCbFIc1qLlxnqLXE9_Rjtr4-KK32B9WIsnBNIz8RMybDbt_UrperaDJzUdgMcHAF_SFiz1C2ORgYiVBGKAkzeiwuDL2jLlSyCF6e-bQ9cWE1Ax55XXkBFENPwXVkNhIqeEtAMXctBgCO10vSA5--SkWch3ODpIK1lQH5Sbh5j6sKhsnKE-n5mbKbZKz-LMaW_2sne0mqd42LxPdb-zBkDpXOJ_H9QHGZuc3u_EMBkphjPXPk0f3sC_2GpeeC7C2mpcuI0oYlWUSa3M8J8jk9AHWEsvUY8Y-Of8vozNjBc-keUU_HaJZLdLnI1OZK_DmuVl0_98Xj2wzPD7RWttfwmL7uaLa6xcNBvWYKAX7Sgi_zrjBYoasMQk-Vu_r2vDN_YdCkU3QJpGH6y1XnqD7HocHMUd3HO9trVqI6QTM3o7XSJjyN6JTiXVW5P3eCywx3Fmt9t66AenDS7EnWGymwHu-jEZTMJjXkH4_nSUTmU1kN0jewBJvMroJuQj5EAMw9Rf6PYA_p48jvVwYD7dSAE835I5RoBHfcFtvnCbu67d9Vs7W2NbD47qX4Jct4LgiFCjs55uudm4vp4Qnef5R-ykCaSZXTUDgcM6KJbLNyci5qrIt286LKY6oqYiLh_3-xUAgosYGXogxUfWfv0P6VH7_Niz7PRVcccK2Kp1eJHWTdZVFqqsMtI7rK_RUToe4wYw2dA3tpTqgDa90XwhmWOOeZ80ftKQrd8BunhnWYrtoXPbI7WhNRZyD07y_9v9Zqc9Xk2Fqme9SUBc8onxhIEhnc9TZmOcyG6VXdltAWth6OhaE0CsZbw3umwWB81JdzKc-agrt3LeIWDpzB4GLk7XDCEAci334dAniG3QaRXN7mpr55ntk04d-6WT733cavCnBtkB9p2oDBl3Veid295mWgZl88FDIntnEiCJSa_J_qZoOZQKFaahO9MAtg2z01p4_bEqqugoubJchzkTIoK8K2O1MvAyrdBHLVOCeIU9HAXcW5JK9egAPw3eeVdpXHKOcTVhHOWBWqNJEzcSn-1xsRSveLhZwHswKN4-vjv2PD_Yts3Uqwkm9Vzal9yHW2yK-Qf5Hcp6dbcVibFy-sRHYBEKIaa9vALpEr5QoL2MiByO9a_wclk2deheYocl9UQmKSmOa3Q5Jl9YTJj4qnwQIAm4V0AjNDW&ext_cid=224906&px_id=73560190&min_cpm=0.0038056059314455102&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=7931117125456072275&skin_id=72&vertical_id=4&skin_test=0&from_cache=0&ecpm=0.03176602058410654&cpm=0.022404937514462136&verify_hash=a214b0640f7ab4b8f3d91d0d650003e8&is_native=1&real_bid=0.022310837187148123&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=5,33,98,130,4,90&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=1715297275&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777156%2Fconversions%2F3b69WTpe-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-2-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.04&cpa=1f4c7d23-ed6d-4a46-b75a-56a5cc123c0a&prev_step_diff=1365 HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 23:27:56 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 172.67.164.241 | 301 Moved Permanently | 648 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP172.67.164.241:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashd45f08ade72324750b816c9e379c41b7 9d1699ce28a3953d8a3d0328a407dbcc7df1daa0 c8c5188e372aa8edf821097544ad5845bc1630d161b1ae81db35a3584f6aa0bf
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Tue, 07 May 2024 23:27:55 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aCIHkIUEgjx8uxh0vFd%2F5pz5uStHamnbA2tvrNN9O459sNWXVsnZKEdUov7MV3OXK916I4ZodnW65coV9kaGwLZvRYgPrHKblE2AfDwcHOdvvvVvaPVlRfBhbRtlkuRBzIpbnTdu4cpTqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804fbc60bef56a2-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp | 45.133.44.24 | | 1.1 kB |
URL static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp IP45.133.44.24:0 ASN#39572 DataWeb Global Group B.V.
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp Hash2a11e13b2bd67bb9a6cb347d7c73df13 b85460a33f9b229f42c08a6a94ae433a4d5c32ab 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 23:27:56 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Wed, 07 May 2025 23:27:56 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQxX5S3-l59dUQG1401l-b1jV2yEco3X3RtEqx4O43TG_Uguby1L73tYVHP26sVPBtb-0xJaPA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1610269312%3A1715124475734502&theme=mn&ddm=0 | 74.125.131.84 | | 804 B |
URL accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQxX5S3-l59dUQG1401l-b1jV2yEco3X3RtEqx4O43TG_Uguby1L73tYVHP26sVPBtb-0xJaPA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1610269312%3A1715124475734502&theme=mn&ddm=0 IP74.125.131.84:0
CertificateIssuerGoogle Trust Services Subjectaccounts.google.com Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (1644), with no line terminators Hash63944b070d0b5299fc2fb6d22e780fd2 1b25075621c01de508ef123265c01e754841cb36 ed4abe7007a785bc505cd2aaed2b52fc5eb8a2dcbb86625000fdf95d3c628429
GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQxX5S3-l59dUQG1401l-b1jV2yEco3X3RtEqx4O43TG_Uguby1L73tYVHP26sVPBtb-0xJaPA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1610269312%3A1715124475734502&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 23:27:55 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-NRMgC0mB8b7MgDcnddc1iA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| imdn.pics/m/p/0/777/777156/conversions/3b69WTpe-minify.jpg | 45.133.44.24 | | 10 kB |
URL imdn.pics/m/p/0/777/777156/conversions/3b69WTpe-minify.jpg IP45.133.44.24:0 ASN#39572 DataWeb Global Group B.V.
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 360x240, components 3 Hashd27321438be78f72c18f84cecb85c11e 31084685ba871245f90f4ac23949bc4aa37ce39b d08796c038822a8e5b0b8f249dda868ce114459c911091b0969acf32df501b98
GET /m/p/0/777/777156/conversions/3b69WTpe-minify.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 23:27:56 GMT
content-type: image/jpeg
content-length: 10147
server: nginx
last-modified: Tue, 09 Apr 2024 19:44:54 GMT
etag: "66159ab6-27a3"
x-request-id: a42fb51f65ac1ae8733899620e4ac07b
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/rum? | 104.21.40.89 | | 0 B |
URL www.amdahost.com/cdn-cgi/rum? IP104.21.40.89:0
CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1082
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=6777cbdbc1
Cookie: PHPSESSID=65ec04d2b12f2693bf77151d9ae9cad7; cf_clearance=P6mtfwKcAOZL3vW6f0DcGMzKRY85BVX2adLovBaaIZo-1715124474-1.0.1.1-Vkz.AMKd20A8G7aSqOpHyoO87zYVV1GSEv54AtLwFxaZ45vYLNiRQvZfWInpIVji3uWxqbudjmMyUNTRkc9alQ; prefetchAd_7446033=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Tue, 07 May 2024 23:27:56 GMT
access-control-allow-origin: https://www.amdahost.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 8804fbcb6b0556bb-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| imdn.pics/m/p/0/777/777155/conversions/R6Fcvd3Z-minify.jpg | 45.133.44.24 | 200 OK | 3.0 kB |
URL GET HTTP/2imdn.pics/m/p/0/777/777155/conversions/R6Fcvd3Z-minify.jpg IP45.133.44.24:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectimdn.pics Fingerprint1B:F0:2A:16:F2:A2:CB:23:EA:4E:5D:DE:96:E2:AF:CC:A0:41:03:E5 ValidityTue, 12 Mar 2024 03:00:56 GMT - Mon, 10 Jun 2024 03:00:55 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 100x100, components 3 Hashbbd50a964fd18363b647225883bbb908 960383ba8379454c49adc0ed9c0faf681a898d61 58deb046cbfa7bfae5ed5290686bda50b55be2bf0ea62f1577ca135a8fdeb10e
GET /m/p/0/777/777155/conversions/R6Fcvd3Z-minify.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 23:27:56 GMT
content-type: image/jpeg
content-length: 2972
server: nginx
last-modified: Tue, 09 Apr 2024 19:44:46 GMT
etag: "66159aae-b9c"
x-request-id: bcbe6ea9e5034af8477860eea5b5ead2
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/get/ | 94.130.197.240 | 200 OK | 6.7 kB |
IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hash73d144671c7eeaf60e4c17db5cee16d5 8f991f4ed02ee4381a0cf5f42866b9cdc84c7a1f c78b3d42ec806e55b596986252269121056c0370cb837adefda8fb7e89a77177
POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1466
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.16.0
date: Tue, 07 May 2024 23:27:57 GMT
content-type: application/json
content-length: 6724
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/get/ | 94.130.197.240 | 200 OK | 6.7 kB |
IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hash292088e2973b58d8def623bcbce125b2 cb794a6df98d22add9ebc053dac8bb294786aead dc8ca595242556092e2cf15bb2135c1a06148329685993cc0f875862f757041a
POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1467
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.16.0
date: Tue, 07 May 2024 23:27:57 GMT
content-type: application/json
content-length: 6738
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| nereserv.com/in/dip?site=native-push&wl=1&event_id=13a70364-e56b-4178-9ebc-007d00b4061e&subid=1511354673&sid=3243944400&spot_id=529500&created_at=2024-05-07&timezone=0&ver=8.159.0&is_native=1 | 167.235.163.216 | 200 OK | 0 B |
URL GET HTTP/2nereserv.com/in/dip?site=native-push&wl=1&event_id=13a70364-e56b-4178-9ebc-007d00b4061e&subid=1511354673&sid=3243944400&spot_id=529500&created_at=2024-05-07&timezone=0&ver=8.159.0&is_native=1 IP167.235.163.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=13a70364-e56b-4178-9ebc-007d00b4061e&subid=1511354673&sid=3243944400&spot_id=529500&created_at=2024-05-07&timezone=0&ver=8.159.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 23:27:59 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 63cc093d48.f336d0935e.com/in/multy | 157.90.84.246 | 200 OK | 0 B |
URL POST HTTP/263cc093d48.f336d0935e.com/in/multy IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectf336d0935e.com FingerprintFC:39:EE:08:B2:B5:A2:11:69:1D:03:8B:B3:C4:CA:05:DB:3E:B1:82 ValidityFri, 03 May 2024 14:01:54 GMT - Thu, 01 Aug 2024 14:01:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /in/multy HTTP/1.1
Host: 63cc093d48.f336d0935e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.20.1
date: Tue, 07 May 2024 23:27:59 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 63cc093d48.f336d0935e.com/in/multy | 157.90.84.246 | 200 OK | 5.9 kB |
URL POST HTTP/263cc093d48.f336d0935e.com/in/multy IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectf336d0935e.com FingerprintFC:39:EE:08:B2:B5:A2:11:69:1D:03:8B:B3:C4:CA:05:DB:3E:B1:82 ValidityFri, 03 May 2024 14:01:54 GMT - Thu, 01 Aug 2024 14:01:53 GMT
Hashe1823d68116e92c992d5afe16aa8b7cb 6d62a578970516d554cf823c4fd00e945f54c4b0 694561956b83b67173caf8878d33148fe766c84239430594825f84e1a49a8238
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /in/multy HTTP/1.1
Host: 63cc093d48.f336d0935e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2448
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 23:28:00 GMT
content-type: application/json
content-length: 5929
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=cb064e2f-6b3c-40c0-8fde-7c4426357618&prev_step_diff=660 | 45.133.44.24 | 200 OK | 486 B |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=cb064e2f-6b3c-40c0-8fde-7c4426357618&prev_step_diff=660 IP45.133.44.24:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hashceeb4e8840c24621c0e0352b42b38a5b 03cbceb0134a39267014595938705e2916580644 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=cb064e2f-6b3c-40c0-8fde-7c4426357618&prev_step_diff=660 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 23:28:00 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Wed, 07 May 2025 23:28:00 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 63cc093d48.f336d0935e.com/in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D6777cbdbc1&refdom=www.amdahost.com&auction_time=1715124479&subid=1511354673&sid=3243944400&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=5258541072280280995&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D6777cbdbc1%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D6777cbdbc1%26idzone%3D0%26sid%3D1886&icons=aAsLa-DUvinMmfPuB5GzV_GYqtdJzOP51wZFlkhqL3XndqBQBBZdiMzlEg5ZG_Q4iRzGx_QW-XQ9rDbFPmGWHmdIndK0Iky3nKSqE_1CEXH8HDMVwdLiGiPKKoG_ZrnQoTpxPQsi9rIj7hC1oEfiTNvYebjn3mgMczQxz73UDAACAixgYw&ext_cid=0&px_id=529500&min_cpm=0.09202600495639769&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=4332212838818600723&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.016678203776153977&cpm=0&verify_hash=72172be01a068e723e14849e7aee9122&is_native=4&real_bid=0.0005014418246562482&original_bid_usd=0.002766826&original_bid=0.002766826&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,27,20,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.002766826&hostname=auc-inpage-hz-6-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000002766826&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=9268cad5-4956-47cf-a387-fe329f49ef44&prev_step_diff=660 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/263cc093d48.f336d0935e.com/in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D6777cbdbc1&refdom=www.amdahost.com&auction_time=1715124479&subid=1511354673&sid=3243944400&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=5258541072280280995&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D6777cbdbc1%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D6777cbdbc1%26idzone%3D0%26sid%3D1886&icons=aAsLa-DUvinMmfPuB5GzV_GYqtdJzOP51wZFlkhqL3XndqBQBBZdiMzlEg5ZG_Q4iRzGx_QW-XQ9rDbFPmGWHmdIndK0Iky3nKSqE_1CEXH8HDMVwdLiGiPKKoG_ZrnQoTpxPQsi9rIj7hC1oEfiTNvYebjn3mgMczQxz73UDAACAixgYw&ext_cid=0&px_id=529500&min_cpm=0.09202600495639769&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=4332212838818600723&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.016678203776153977&cpm=0&verify_hash=72172be01a068e723e14849e7aee9122&is_native=4&real_bid=0.0005014418246562482&original_bid_usd=0.002766826&original_bid=0.002766826&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,27,20,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.002766826&hostname=auc-inpage-hz-6-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000002766826&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=9268cad5-4956-47cf-a387-fe329f49ef44&prev_step_diff=660 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectf336d0935e.com FingerprintFC:39:EE:08:B2:B5:A2:11:69:1D:03:8B:B3:C4:CA:05:DB:3E:B1:82 ValidityFri, 03 May 2024 14:01:54 GMT - Thu, 01 Aug 2024 14:01:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D6777cbdbc1&refdom=www.amdahost.com&auction_time=1715124479&subid=1511354673&sid=3243944400&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=5258541072280280995&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D6777cbdbc1%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D6777cbdbc1%26idzone%3D0%26sid%3D1886&icons=aAsLa-DUvinMmfPuB5GzV_GYqtdJzOP51wZFlkhqL3XndqBQBBZdiMzlEg5ZG_Q4iRzGx_QW-XQ9rDbFPmGWHmdIndK0Iky3nKSqE_1CEXH8HDMVwdLiGiPKKoG_ZrnQoTpxPQsi9rIj7hC1oEfiTNvYebjn3mgMczQxz73UDAACAixgYw&ext_cid=0&px_id=529500&min_cpm=0.09202600495639769&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=4332212838818600723&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.016678203776153977&cpm=0&verify_hash=72172be01a068e723e14849e7aee9122&is_native=4&real_bid=0.0005014418246562482&original_bid_usd=0.002766826&original_bid=0.002766826&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,27,20,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.002766826&hostname=auc-inpage-hz-6-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000002766826&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=9268cad5-4956-47cf-a387-fe329f49ef44&prev_step_diff=660 HTTP/1.1
Host: 63cc093d48.f336d0935e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 23:28:00 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 63cc093d48.f336d0935e.com/in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D6777cbdbc1&refdom=www.amdahost.com&auction_time=1715124479&subid=1511354673&sid=3243944400&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=5258541072280280995&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D6777cbdbc1%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=5fcbc33c86bbc49c561fd8fb36a2149b&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DdHC0l7KvYkTIamqVYTtZ0ueHXOGJyDfaTTlofw8bB3dkrjwqEu3tbFBDjbLo4wbGz-Lly7o66PNSIAnD5wGh2QXGvL9oAmN3NxFwBLgi2K1Ij_81auSgV7xyWcv6mFcFMD8PfHxtW3WX36B_KVTNJP22UBT9L4BKEmiL4zn8K8MvJwjoGW4nzE0Xfl9iOV7hmDtdaC7Vc0hq4IlZ91CDzHulGS1wZgidhM6NlDzRTzZ-HE3HvwPuvQicdTYlStMLh9CMyTfx09SJ2tpZ2DO-JcUMtnfrP84EfHfcJ1K6GsfSJ2xAQjjgwwo6IMFmwsQxwKw_66LNxsYW5CQ_bN3gnLNYh5iJiQJecgdZ12NOjZEVWACUV8tF-yEjJ3uorw1hEfi1WpbB4D1mkrZeVkFe6UjplPGL6RkBwXyUyJ5FyQBN6BKpUDaGkdAOk_SgwGJx9tLZIWW5XJmOs8Hk7e0iEayP8MQT_HkLd7lgeN_eIeFstvgwqJ_Dpv2zqsvm7diG00hfVgxJc7TqEZifjauVPXb4bxEQdfC7ZEWCq0pSfvXwnys179WZj9n4JXbRTxOY7hhGgeAUzgDXcZSG6Ach-Cbw4Sekmseqf349k-wJjXLm6V988cLUxmiWXfcQqCU2VM3_HNORQL8FN78mfjpx7LYoUD1H7sznbHTm5PMnJHltmOJKTT7FxvUBN5CUQMmAy69NN-cIQ5f6GIE8F372lut3CZWrJnOX1SKQSCdIGMyUy9vRK4AwkUlq-HTwvHf7RpD2v78KtbqH-ltyg_-ZBOYeYbosFSOSWfeEZ7R92Lxu9JMjawRkxpp69f5wjg36QOME8nNmBIEOqh0wMvITqA_wyfeM12hztT7tO0FcMdMiM6utqDwy0f8GxQK-5LZuTIgo9FfW4y1EfIUH9_YGid8UbUPoBaVdGPOu17xx3vTkjf0ntP1rTNPqo1T7uTth12W3w792x-u7gAupraCN9hFuVv0q8rQamVa577LpEkTYZsDLJeP-OmdIsBW3d5d3QG4yTbUKlQYfpzF70M-suveipjmv-iaXY-LCLUnEQGWAJcIIGLalzKX1C2Cbz742kP7RDMQOvQrsObe2u1rB1nHzlUpufTBZjDAEZqCgghxWRgJIht1fT4jsSk_TMKfAXNkixlRnaQqzJAMnbm7MgnK1ZWnH3_0PABgVuwuasOycGn1pJXqfpg6BUihPi2pUzcTcjcE_7HaB89P0f6iSOPgq1tvu5bmStKZLwgG2MP-iSZpXLq95OVetY2RwpLjI4xPBN3du2WeecD3-LUa0N5pRcwcGfJVAH3CQxLrohJmbq2rt%26bid%3D0.02355775200841991&icons=aGWhGp1Z-oT26doybMbNc7bBAQeXw5W98gxy8ivEjQxX7nciTyAgzF6X7lEPiC_HQOUajBKL284WFnwUsyCuNNZGYRdUmkDQSI5wQjB_LhKXP4EZZgT9CBBolgpDH5GKJiOvB6bVnrmSUc1y3WKMo5xyEtgVO3M3Bcoih36yMf94-lDEaKds3VDRsA2Yn9tyLrprKNRNe6d4Y3YCyFuGplRHykI8BVOeuiniZfwdAq-q3I7qPA38N9TwD1khVzQiI1yLC28MzQI4a01hULvLgB-mjDJZkmcmD5R0eWEybKLj5kckWx8Pu3a3mKRCNF0KiPYb5PfUiFgXlk5tJZhE5JGEYrJ-HgXKSdluFDlkkObT7YIEoBV4oDxwmXat6d5IYTNv_VHEsj9LcVtReKZxCQ3bY4suQZnPEa-r2WDu_YjN1t2Ne2HnqFaz8gkTRc4zhlzp3fofGvgEPRBeq68LEQ7mcqLJgE_WTYnevnxDk5z8S0NZS6z0LGgSBtYtB6SRgW6Jat8zgcT1IPEIlK0dYV8jpQGOabkrE676THtGIUt2n7CKa2p8yP1ghkHRPCb6933ZDuXbwB5TVAKflv8RHcEjah9Xnh0X9JNjgGN8dD3nye3E0M-oghZT0wNpug37JfdwXKj8OkY9MYspke6j7FYRuhcN7oMHnVPgqaH3eXAsPp51ulr8QsbVTawGb3XaUYKAnP92U4gkoCzoHfg6Ch1sK4ZwZ-pFM4jv66vFSsohPBxreHBmovHrSMV-NmXFxTtaFdEq5OEsn6U1Y7IbuQjw66udD2NAs-8_4B4FOh24bPYTpAHfuM28BdOmmMxPTHUJRGzd1hBVnAzG5xsLHHanX7AmwGdAiK31yovvKH1ZP5nOPvhtvgTgSQwlkcVDu7V1kQQQi1_d3WsvAfSw5pAPRLjiQEk996Hk7CfnqSa_mEbpQfBb3mMft_mzH2qG0e_rJDRAjVpI15-VLRVb3bIrB-b_QOweM5Nx5EHf1PtBlqQkd6f4zxpeu-hqiot5_-d2224MRPPE9ZgUBDWP-x2KhOVkZJx4hvF465Gv7qgAU-JERY8IDbnQAePYyIz6DyVqhqjrBx0IfYGEpZ8MACYp_jkd1PTFSRUKKKoN9lqAAWwjp5klTcX6Eo1mLO2qkUd5qNmnryf0CoE9PqmQ-P4SThaEa_Lb4b1_wRqr6zyB22izdyl2eQED3ZRf41q_t7fNcJfMfsNRoFS7qnAUWzqAYs0O_BZkqa-qI161SBV9LSUAihn10eoaMNOk_dhv5bHOlH951Z6Ms6AL63eDIQMXOiowoD7B6mYB6abk2w_AsBHviH0&ext_cid=224906&px_id=73529500&min_cpm=0.0038056059314455102&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=4332212838818600723&skin_id=72&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.03176602058410654&cpm=0.02355775200841991&verify_hash=c35381e26a744bbdcbc9f003b564ca8b&is_native=1&real_bid=0.02345880988133994&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=5,33,98,4,90&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=1715297279&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777184%2Fconversions%2FQ5MjCrOM-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-6-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.11&cpa=d4ff55ff-852f-4820-9c36-f7c2702ff708&prev_step_diff=659 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/263cc093d48.f336d0935e.com/in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D6777cbdbc1&refdom=www.amdahost.com&auction_time=1715124479&subid=1511354673&sid=3243944400&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=5258541072280280995&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D6777cbdbc1%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=5fcbc33c86bbc49c561fd8fb36a2149b&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DdHC0l7KvYkTIamqVYTtZ0ueHXOGJyDfaTTlofw8bB3dkrjwqEu3tbFBDjbLo4wbGz-Lly7o66PNSIAnD5wGh2QXGvL9oAmN3NxFwBLgi2K1Ij_81auSgV7xyWcv6mFcFMD8PfHxtW3WX36B_KVTNJP22UBT9L4BKEmiL4zn8K8MvJwjoGW4nzE0Xfl9iOV7hmDtdaC7Vc0hq4IlZ91CDzHulGS1wZgidhM6NlDzRTzZ-HE3HvwPuvQicdTYlStMLh9CMyTfx09SJ2tpZ2DO-JcUMtnfrP84EfHfcJ1K6GsfSJ2xAQjjgwwo6IMFmwsQxwKw_66LNxsYW5CQ_bN3gnLNYh5iJiQJecgdZ12NOjZEVWACUV8tF-yEjJ3uorw1hEfi1WpbB4D1mkrZeVkFe6UjplPGL6RkBwXyUyJ5FyQBN6BKpUDaGkdAOk_SgwGJx9tLZIWW5XJmOs8Hk7e0iEayP8MQT_HkLd7lgeN_eIeFstvgwqJ_Dpv2zqsvm7diG00hfVgxJc7TqEZifjauVPXb4bxEQdfC7ZEWCq0pSfvXwnys179WZj9n4JXbRTxOY7hhGgeAUzgDXcZSG6Ach-Cbw4Sekmseqf349k-wJjXLm6V988cLUxmiWXfcQqCU2VM3_HNORQL8FN78mfjpx7LYoUD1H7sznbHTm5PMnJHltmOJKTT7FxvUBN5CUQMmAy69NN-cIQ5f6GIE8F372lut3CZWrJnOX1SKQSCdIGMyUy9vRK4AwkUlq-HTwvHf7RpD2v78KtbqH-ltyg_-ZBOYeYbosFSOSWfeEZ7R92Lxu9JMjawRkxpp69f5wjg36QOME8nNmBIEOqh0wMvITqA_wyfeM12hztT7tO0FcMdMiM6utqDwy0f8GxQK-5LZuTIgo9FfW4y1EfIUH9_YGid8UbUPoBaVdGPOu17xx3vTkjf0ntP1rTNPqo1T7uTth12W3w792x-u7gAupraCN9hFuVv0q8rQamVa577LpEkTYZsDLJeP-OmdIsBW3d5d3QG4yTbUKlQYfpzF70M-suveipjmv-iaXY-LCLUnEQGWAJcIIGLalzKX1C2Cbz742kP7RDMQOvQrsObe2u1rB1nHzlUpufTBZjDAEZqCgghxWRgJIht1fT4jsSk_TMKfAXNkixlRnaQqzJAMnbm7MgnK1ZWnH3_0PABgVuwuasOycGn1pJXqfpg6BUihPi2pUzcTcjcE_7HaB89P0f6iSOPgq1tvu5bmStKZLwgG2MP-iSZpXLq95OVetY2RwpLjI4xPBN3du2WeecD3-LUa0N5pRcwcGfJVAH3CQxLrohJmbq2rt%26bid%3D0.02355775200841991&icons=aGWhGp1Z-oT26doybMbNc7bBAQeXw5W98gxy8ivEjQxX7nciTyAgzF6X7lEPiC_HQOUajBKL284WFnwUsyCuNNZGYRdUmkDQSI5wQjB_LhKXP4EZZgT9CBBolgpDH5GKJiOvB6bVnrmSUc1y3WKMo5xyEtgVO3M3Bcoih36yMf94-lDEaKds3VDRsA2Yn9tyLrprKNRNe6d4Y3YCyFuGplRHykI8BVOeuiniZfwdAq-q3I7qPA38N9TwD1khVzQiI1yLC28MzQI4a01hULvLgB-mjDJZkmcmD5R0eWEybKLj5kckWx8Pu3a3mKRCNF0KiPYb5PfUiFgXlk5tJZhE5JGEYrJ-HgXKSdluFDlkkObT7YIEoBV4oDxwmXat6d5IYTNv_VHEsj9LcVtReKZxCQ3bY4suQZnPEa-r2WDu_YjN1t2Ne2HnqFaz8gkTRc4zhlzp3fofGvgEPRBeq68LEQ7mcqLJgE_WTYnevnxDk5z8S0NZS6z0LGgSBtYtB6SRgW6Jat8zgcT1IPEIlK0dYV8jpQGOabkrE676THtGIUt2n7CKa2p8yP1ghkHRPCb6933ZDuXbwB5TVAKflv8RHcEjah9Xnh0X9JNjgGN8dD3nye3E0M-oghZT0wNpug37JfdwXKj8OkY9MYspke6j7FYRuhcN7oMHnVPgqaH3eXAsPp51ulr8QsbVTawGb3XaUYKAnP92U4gkoCzoHfg6Ch1sK4ZwZ-pFM4jv66vFSsohPBxreHBmovHrSMV-NmXFxTtaFdEq5OEsn6U1Y7IbuQjw66udD2NAs-8_4B4FOh24bPYTpAHfuM28BdOmmMxPTHUJRGzd1hBVnAzG5xsLHHanX7AmwGdAiK31yovvKH1ZP5nOPvhtvgTgSQwlkcVDu7V1kQQQi1_d3WsvAfSw5pAPRLjiQEk996Hk7CfnqSa_mEbpQfBb3mMft_mzH2qG0e_rJDRAjVpI15-VLRVb3bIrB-b_QOweM5Nx5EHf1PtBlqQkd6f4zxpeu-hqiot5_-d2224MRPPE9ZgUBDWP-x2KhOVkZJx4hvF465Gv7qgAU-JERY8IDbnQAePYyIz6DyVqhqjrBx0IfYGEpZ8MACYp_jkd1PTFSRUKKKoN9lqAAWwjp5klTcX6Eo1mLO2qkUd5qNmnryf0CoE9PqmQ-P4SThaEa_Lb4b1_wRqr6zyB22izdyl2eQED3ZRf41q_t7fNcJfMfsNRoFS7qnAUWzqAYs0O_BZkqa-qI161SBV9LSUAihn10eoaMNOk_dhv5bHOlH951Z6Ms6AL63eDIQMXOiowoD7B6mYB6abk2w_AsBHviH0&ext_cid=224906&px_id=73529500&min_cpm=0.0038056059314455102&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=4332212838818600723&skin_id=72&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.03176602058410654&cpm=0.02355775200841991&verify_hash=c35381e26a744bbdcbc9f003b564ca8b&is_native=1&real_bid=0.02345880988133994&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=5,33,98,4,90&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=1715297279&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777184%2Fconversions%2FQ5MjCrOM-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-6-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.11&cpa=d4ff55ff-852f-4820-9c36-f7c2702ff708&prev_step_diff=659 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectf336d0935e.com FingerprintFC:39:EE:08:B2:B5:A2:11:69:1D:03:8B:B3:C4:CA:05:DB:3E:B1:82 ValidityFri, 03 May 2024 14:01:54 GMT - Thu, 01 Aug 2024 14:01:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D6777cbdbc1&refdom=www.amdahost.com&auction_time=1715124479&subid=1511354673&sid=3243944400&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=adult&user_fp=5258541072280280995&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D6777cbdbc1%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=5fcbc33c86bbc49c561fd8fb36a2149b&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DdHC0l7KvYkTIamqVYTtZ0ueHXOGJyDfaTTlofw8bB3dkrjwqEu3tbFBDjbLo4wbGz-Lly7o66PNSIAnD5wGh2QXGvL9oAmN3NxFwBLgi2K1Ij_81auSgV7xyWcv6mFcFMD8PfHxtW3WX36B_KVTNJP22UBT9L4BKEmiL4zn8K8MvJwjoGW4nzE0Xfl9iOV7hmDtdaC7Vc0hq4IlZ91CDzHulGS1wZgidhM6NlDzRTzZ-HE3HvwPuvQicdTYlStMLh9CMyTfx09SJ2tpZ2DO-JcUMtnfrP84EfHfcJ1K6GsfSJ2xAQjjgwwo6IMFmwsQxwKw_66LNxsYW5CQ_bN3gnLNYh5iJiQJecgdZ12NOjZEVWACUV8tF-yEjJ3uorw1hEfi1WpbB4D1mkrZeVkFe6UjplPGL6RkBwXyUyJ5FyQBN6BKpUDaGkdAOk_SgwGJx9tLZIWW5XJmOs8Hk7e0iEayP8MQT_HkLd7lgeN_eIeFstvgwqJ_Dpv2zqsvm7diG00hfVgxJc7TqEZifjauVPXb4bxEQdfC7ZEWCq0pSfvXwnys179WZj9n4JXbRTxOY7hhGgeAUzgDXcZSG6Ach-Cbw4Sekmseqf349k-wJjXLm6V988cLUxmiWXfcQqCU2VM3_HNORQL8FN78mfjpx7LYoUD1H7sznbHTm5PMnJHltmOJKTT7FxvUBN5CUQMmAy69NN-cIQ5f6GIE8F372lut3CZWrJnOX1SKQSCdIGMyUy9vRK4AwkUlq-HTwvHf7RpD2v78KtbqH-ltyg_-ZBOYeYbosFSOSWfeEZ7R92Lxu9JMjawRkxpp69f5wjg36QOME8nNmBIEOqh0wMvITqA_wyfeM12hztT7tO0FcMdMiM6utqDwy0f8GxQK-5LZuTIgo9FfW4y1EfIUH9_YGid8UbUPoBaVdGPOu17xx3vTkjf0ntP1rTNPqo1T7uTth12W3w792x-u7gAupraCN9hFuVv0q8rQamVa577LpEkTYZsDLJeP-OmdIsBW3d5d3QG4yTbUKlQYfpzF70M-suveipjmv-iaXY-LCLUnEQGWAJcIIGLalzKX1C2Cbz742kP7RDMQOvQrsObe2u1rB1nHzlUpufTBZjDAEZqCgghxWRgJIht1fT4jsSk_TMKfAXNkixlRnaQqzJAMnbm7MgnK1ZWnH3_0PABgVuwuasOycGn1pJXqfpg6BUihPi2pUzcTcjcE_7HaB89P0f6iSOPgq1tvu5bmStKZLwgG2MP-iSZpXLq95OVetY2RwpLjI4xPBN3du2WeecD3-LUa0N5pRcwcGfJVAH3CQxLrohJmbq2rt%26bid%3D0.02355775200841991&icons=aGWhGp1Z-oT26doybMbNc7bBAQeXw5W98gxy8ivEjQxX7nciTyAgzF6X7lEPiC_HQOUajBKL284WFnwUsyCuNNZGYRdUmkDQSI5wQjB_LhKXP4EZZgT9CBBolgpDH5GKJiOvB6bVnrmSUc1y3WKMo5xyEtgVO3M3Bcoih36yMf94-lDEaKds3VDRsA2Yn9tyLrprKNRNe6d4Y3YCyFuGplRHykI8BVOeuiniZfwdAq-q3I7qPA38N9TwD1khVzQiI1yLC28MzQI4a01hULvLgB-mjDJZkmcmD5R0eWEybKLj5kckWx8Pu3a3mKRCNF0KiPYb5PfUiFgXlk5tJZhE5JGEYrJ-HgXKSdluFDlkkObT7YIEoBV4oDxwmXat6d5IYTNv_VHEsj9LcVtReKZxCQ3bY4suQZnPEa-r2WDu_YjN1t2Ne2HnqFaz8gkTRc4zhlzp3fofGvgEPRBeq68LEQ7mcqLJgE_WTYnevnxDk5z8S0NZS6z0LGgSBtYtB6SRgW6Jat8zgcT1IPEIlK0dYV8jpQGOabkrE676THtGIUt2n7CKa2p8yP1ghkHRPCb6933ZDuXbwB5TVAKflv8RHcEjah9Xnh0X9JNjgGN8dD3nye3E0M-oghZT0wNpug37JfdwXKj8OkY9MYspke6j7FYRuhcN7oMHnVPgqaH3eXAsPp51ulr8QsbVTawGb3XaUYKAnP92U4gkoCzoHfg6Ch1sK4ZwZ-pFM4jv66vFSsohPBxreHBmovHrSMV-NmXFxTtaFdEq5OEsn6U1Y7IbuQjw66udD2NAs-8_4B4FOh24bPYTpAHfuM28BdOmmMxPTHUJRGzd1hBVnAzG5xsLHHanX7AmwGdAiK31yovvKH1ZP5nOPvhtvgTgSQwlkcVDu7V1kQQQi1_d3WsvAfSw5pAPRLjiQEk996Hk7CfnqSa_mEbpQfBb3mMft_mzH2qG0e_rJDRAjVpI15-VLRVb3bIrB-b_QOweM5Nx5EHf1PtBlqQkd6f4zxpeu-hqiot5_-d2224MRPPE9ZgUBDWP-x2KhOVkZJx4hvF465Gv7qgAU-JERY8IDbnQAePYyIz6DyVqhqjrBx0IfYGEpZ8MACYp_jkd1PTFSRUKKKoN9lqAAWwjp5klTcX6Eo1mLO2qkUd5qNmnryf0CoE9PqmQ-P4SThaEa_Lb4b1_wRqr6zyB22izdyl2eQED3ZRf41q_t7fNcJfMfsNRoFS7qnAUWzqAYs0O_BZkqa-qI161SBV9LSUAihn10eoaMNOk_dhv5bHOlH951Z6Ms6AL63eDIQMXOiowoD7B6mYB6abk2w_AsBHviH0&ext_cid=224906&px_id=73529500&min_cpm=0.0038056059314455102&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=4332212838818600723&skin_id=72&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.03176602058410654&cpm=0.02355775200841991&verify_hash=c35381e26a744bbdcbc9f003b564ca8b&is_native=1&real_bid=0.02345880988133994&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=5,33,98,4,90&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=1715297279&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777184%2Fconversions%2FQ5MjCrOM-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-6-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.11&cpa=d4ff55ff-852f-4820-9c36-f7c2702ff708&prev_step_diff=659 HTTP/1.1
Host: 63cc093d48.f336d0935e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 23:28:00 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| imdn.pics/m/p/0/777/777184/conversions/Q5MjCrOM-minify.jpg | 45.133.44.24 | 200 OK | 11 kB |
URL GET HTTP/2imdn.pics/m/p/0/777/777184/conversions/Q5MjCrOM-minify.jpg IP45.133.44.24:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectimdn.pics Fingerprint1B:F0:2A:16:F2:A2:CB:23:EA:4E:5D:DE:96:E2:AF:CC:A0:41:03:E5 ValidityTue, 12 Mar 2024 03:00:56 GMT - Mon, 10 Jun 2024 03:00:55 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 360x240, components 3 Hash7a0f4319e0c7d4e0ec42eae657ba39fd e2940c23868c5975a1dc1a3c963609b34abbe6b5 6c0278ead1dce8c37b6b233d5251184cd820586eeb5d30db860c1c7315d5dba0
GET /m/p/0/777/777184/conversions/Q5MjCrOM-minify.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 23:28:00 GMT
content-type: image/jpeg
content-length: 11228
server: nginx
last-modified: Tue, 09 Apr 2024 19:56:57 GMT
etag: "66159d89-2bdc"
x-request-id: 13aea49745d30295dcee0faf2bf8a0c1
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| p.a64x.com/in/tip_shows/?katds_ep=0U46lAWPU2o3CYtAruDhYrU83DZC-OzCOAb41vW-a6N0bxAKYfmw3ashrH_ovyuyrZLQoI2gipwEfRKddQatLmgZkYubLDczCZoGqaRH3fjyGirnGiBuv0PTpVeJzqOoZ_4c8ArGiqdcgmgJ5sG4m0LEg-Mb6meK4WDJ2UZsr-tLszaBjaGWKcSpQWMEN3gdd72LBwNh6H83u8eKUSXtDlVT2fDYeFpTC6xxRFIEpdjIelFA8fGzBjg1PVjuBjr2GHD-BhJQ0lCV1m3S6Z5a9c8FB8v9hQcLooG9uJW9em7qBaKErRvD8r4tZRjZ9PERyr4yVjCudGHi0iTwgHq_wmmfanVBYx6OVMM0QMyCXxWsbYLdWWj5mhbgtq2WpN5-zLfzcqVvbu-KFhOD0zltmu4qSYDtrpZRjJoxPE-ITtWb6wiQcVpe4NSDMRJ6ukDRNhBhOUCSC2nwOBnps98pbInorlNm_ymlUjn4j7XkVohmZ2zU0CgUhKCn9J-vKoQggN2KRen3qRCy_OgDP7k11ByunCEJawpU8rx7jV5cVo2n4VMUzynSknKs5zZI6E_CTSMGpl3LEiO0FD2gOBwfZz79iY0UdWGZ0iu7R6GerJ0WQySfGG_vgfxO9inSAMmMQhs1PeUxx12Jvib6vnRW3bRCCgIp4L2F7tkLIgkV52C1uODH9dvTupc1Wp0As3aUdmisxMTKtZOu6AzMJEsFnJHcyUrmw7-PkMRO4CDAfRZ4Irgvi7mUxPkolddfcELKS2-Mezgqkv5ZzXXdANe6KBAJ_sgsvGiB-18WsslRuHbyiDi9AViPWSAlqL8W-Gk0-VyfPy63DBr6CnbtbCuxpC_WH9544sX4BRXtXGYMEWdy2rW9PQKrK7OGb6RO&bid=0.02355775200841991&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.11&cpa=0a73b677-a548-47bd-a5a2-272b947680f1&prev_step_diff=659 | 172.67.185.171 | | 0 B |
URL p.a64x.com/in/tip_shows/?katds_ep=0U46lAWPU2o3CYtAruDhYrU83DZC-OzCOAb41vW-a6N0bxAKYfmw3ashrH_ovyuyrZLQoI2gipwEfRKddQatLmgZkYubLDczCZoGqaRH3fjyGirnGiBuv0PTpVeJzqOoZ_4c8ArGiqdcgmgJ5sG4m0LEg-Mb6meK4WDJ2UZsr-tLszaBjaGWKcSpQWMEN3gdd72LBwNh6H83u8eKUSXtDlVT2fDYeFpTC6xxRFIEpdjIelFA8fGzBjg1PVjuBjr2GHD-BhJQ0lCV1m3S6Z5a9c8FB8v9hQcLooG9uJW9em7qBaKErRvD8r4tZRjZ9PERyr4yVjCudGHi0iTwgHq_wmmfanVBYx6OVMM0QMyCXxWsbYLdWWj5mhbgtq2WpN5-zLfzcqVvbu-KFhOD0zltmu4qSYDtrpZRjJoxPE-ITtWb6wiQcVpe4NSDMRJ6ukDRNhBhOUCSC2nwOBnps98pbInorlNm_ymlUjn4j7XkVohmZ2zU0CgUhKCn9J-vKoQggN2KRen3qRCy_OgDP7k11ByunCEJawpU8rx7jV5cVo2n4VMUzynSknKs5zZI6E_CTSMGpl3LEiO0FD2gOBwfZz79iY0UdWGZ0iu7R6GerJ0WQySfGG_vgfxO9inSAMmMQhs1PeUxx12Jvib6vnRW3bRCCgIp4L2F7tkLIgkV52C1uODH9dvTupc1Wp0As3aUdmisxMTKtZOu6AzMJEsFnJHcyUrmw7-PkMRO4CDAfRZ4Irgvi7mUxPkolddfcELKS2-Mezgqkv5ZzXXdANe6KBAJ_sgsvGiB-18WsslRuHbyiDi9AViPWSAlqL8W-Gk0-VyfPy63DBr6CnbtbCuxpC_WH9544sX4BRXtXGYMEWdy2rW9PQKrK7OGb6RO&bid=0.02355775200841991&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.11&cpa=0a73b677-a548-47bd-a5a2-272b947680f1&prev_step_diff=659 IP172.67.185.171:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/tip_shows/?katds_ep=0U46lAWPU2o3CYtAruDhYrU83DZC-OzCOAb41vW-a6N0bxAKYfmw3ashrH_ovyuyrZLQoI2gipwEfRKddQatLmgZkYubLDczCZoGqaRH3fjyGirnGiBuv0PTpVeJzqOoZ_4c8ArGiqdcgmgJ5sG4m0LEg-Mb6meK4WDJ2UZsr-tLszaBjaGWKcSpQWMEN3gdd72LBwNh6H83u8eKUSXtDlVT2fDYeFpTC6xxRFIEpdjIelFA8fGzBjg1PVjuBjr2GHD-BhJQ0lCV1m3S6Z5a9c8FB8v9hQcLooG9uJW9em7qBaKErRvD8r4tZRjZ9PERyr4yVjCudGHi0iTwgHq_wmmfanVBYx6OVMM0QMyCXxWsbYLdWWj5mhbgtq2WpN5-zLfzcqVvbu-KFhOD0zltmu4qSYDtrpZRjJoxPE-ITtWb6wiQcVpe4NSDMRJ6ukDRNhBhOUCSC2nwOBnps98pbInorlNm_ymlUjn4j7XkVohmZ2zU0CgUhKCn9J-vKoQggN2KRen3qRCy_OgDP7k11ByunCEJawpU8rx7jV5cVo2n4VMUzynSknKs5zZI6E_CTSMGpl3LEiO0FD2gOBwfZz79iY0UdWGZ0iu7R6GerJ0WQySfGG_vgfxO9inSAMmMQhs1PeUxx12Jvib6vnRW3bRCCgIp4L2F7tkLIgkV52C1uODH9dvTupc1Wp0As3aUdmisxMTKtZOu6AzMJEsFnJHcyUrmw7-PkMRO4CDAfRZ4Irgvi7mUxPkolddfcELKS2-Mezgqkv5ZzXXdANe6KBAJ_sgsvGiB-18WsslRuHbyiDi9AViPWSAlqL8W-Gk0-VyfPy63DBr6CnbtbCuxpC_WH9544sX4BRXtXGYMEWdy2rW9PQKrK7OGb6RO&bid=0.02355775200841991&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.11&cpa=0a73b677-a548-47bd-a5a2-272b947680f1&prev_step_diff=659 HTTP/1.1
Host: p.a64x.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Tue, 07 May 2024 23:28:00 GMT
content-type: application/json
content-length: 0
location: https://imdn.pics/m/p/0/777/777181/conversions/PguV688J-minify.jpg
access-control-allow-credentials: true
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jTiXIplJbdDgHuWeh1KaXWxnuf5lu63UTlh7wVGjdCCdS8uD3gtKYMNcHcKiRR2UD4aoOuAkgmJcpudUBbTkrwSaAmNyN1VivcV%2BlDHcQe%2FDvgn7u1vEVRwamxwp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804fbe36d29b517-OSL
alt-svc: h3=":443"; ma=86400
|
|
| imdn.pics/m/p/0/777/777181/conversions/PguV688J-minify.jpg | 45.133.44.24 | 200 OK | 2.5 kB |
URL GET HTTP/2imdn.pics/m/p/0/777/777181/conversions/PguV688J-minify.jpg IP45.133.44.24:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectimdn.pics Fingerprint1B:F0:2A:16:F2:A2:CB:23:EA:4E:5D:DE:96:E2:AF:CC:A0:41:03:E5 ValidityTue, 12 Mar 2024 03:00:56 GMT - Mon, 10 Jun 2024 03:00:55 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 100x100, components 3 Hash9eb726ecf5e85e3b48f854490ff8284a d08b4f022e64d06f2642c5c9217d35b7851516d5 30bd73405bb72856107c9e940bece489b670970c3d2e4d6b592cc138a67a3c05
GET /m/p/0/777/777181/conversions/PguV688J-minify.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 23:28:00 GMT
content-type: image/jpeg
content-length: 2460
server: nginx
last-modified: Tue, 09 Apr 2024 19:56:49 GMT
etag: "66159d81-99c"
x-request-id: 064bc710493213dae1825c3b2f5e7289
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 32879.2481april2024.com/jidHCIQ3Pg7jZtczvVjGLSdOmtkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmqGlu7qKcgYfT79OA0KhGOU5JrY5mrex9NYRIA?kws=video%2Cskylar%2Cmae%2Clesbo%2Cplugs%2Cass%2Cfucks%2Cpussy&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D6777cbdbc1&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Tue%20May%2007%202024%2023%3A27%3A53%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 | 88.208.22.3 | | 10 kB |
URL 32879.2481april2024.com/jidHCIQ3Pg7jZtczvVjGLSdOmtkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmqGlu7qKcgYfT79OA0KhGOU5JrY5mrex9NYRIA?kws=video%2Cskylar%2Cmae%2Clesbo%2Cplugs%2Cass%2Cfucks%2Cpussy&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D6777cbdbc1&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Tue%20May%2007%202024%2023%3A27%3A53%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 IP88.208.22.3:0 ASN#39572 DataWeb Global Group B.V.
File typegzip compressed data, from Unix Hashd0cba04c37ea30e981b7e1483210ab67 fb3fac6febd81b1a9b0b2bedf2d7f79f11f35048 4c04a485b85863e40d376aad8cac252d8109815406f7571c828a8dbf2c2ea245
GET /jidHCIQ3Pg7jZtczvVjGLSdOmtkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmqGlu7qKcgYfT79OA0KhGOU5JrY5mrex9NYRIA?kws=video%2Cskylar%2Cmae%2Clesbo%2Cplugs%2Cass%2Cfucks%2Cpussy&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D6777cbdbc1&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Tue%20May%2007%202024%2023%3A27%3A53%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 HTTP/1.1
Host: 32879.2481april2024.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 23:27:56 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://www.amdahost.com
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
last-modified: Tue, 07 May 2024 23:27:56 UTC
expires: Tue, 07 May 2024 23:27:56 UTC
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| pyknrhm5c.com/chicken.gif?z=2025683&pb=c8479f2faab244706e4785765d61d94c1715131673&psp=4KNBH5S5xqJXvcKALTpgJv-869qxE8mCjSMOnf913xT04glswiTnE2Ckit4RBBZX8QUxsm2hS_vjvyRwVmlbArNdDsDZE-XqWsDhcRdWZAmowpjUcRemITteT0af9raWTBki5KJKujH8GMBX29JANeE908kj33NQQ56ntpu4gbajLsl0movb9pVIYNArLbTjUtsBjqeyFV7debbOHO4rwjDDJiW4jJqKSZzjxz0Z3w5tn7BSFL4PoQBGbp8g4krsC1HWTBMb5jcDFLus_M0uwFAVAloBvh_qdyyy8uipf5zwG8v7UBraBcHBqxbdNwnMZE4WnUo9ekcLozbXi4DcVu7grsfzM656D9KKlhDqsvr_3S290a85uvGEJMJuGflA-3KEgy1b_V7YqS9kLKP-36uCNJC6EX4u_5sfLa0x1x3_Ek-4TjkPyD3ryVIz6q4fimyDtaEACj2l9dIYPZ5cl8CLhnjIGYYLDehbse8abksmYaFhhCi29zjoY4PnKS91Apd5-4yfFOm4ekzzesfPlKGab3LTNU_5YF320Io4W3bRi0dHctWs74KKK1cgn_1jDUIKXd1S91A6G4NqVi5bQc2o1qgc3F_L1Pmm59w5TWIPo5CBiKFYl-6GnVerMQkH7ccdxbmzsGcZLfWXydkbUozU-F5cMbTwDdG6VPd5_ahsz-iEHJtVjawAuCgK48A=&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=2645677187902464&eclog=0&im=1&_=0.503278383706372 | 212.117.190.201 | 200 OK | 43 B |
URL GET HTTP/2pyknrhm5c.com/chicken.gif?z=2025683&pb=c8479f2faab244706e4785765d61d94c1715131673&psp=4KNBH5S5xqJXvcKALTpgJv-869qxE8mCjSMOnf913xT04glswiTnE2Ckit4RBBZX8QUxsm2hS_vjvyRwVmlbArNdDsDZE-XqWsDhcRdWZAmowpjUcRemITteT0af9raWTBki5KJKujH8GMBX29JANeE908kj33NQQ56ntpu4gbajLsl0movb9pVIYNArLbTjUtsBjqeyFV7debbOHO4rwjDDJiW4jJqKSZzjxz0Z3w5tn7BSFL4PoQBGbp8g4krsC1HWTBMb5jcDFLus_M0uwFAVAloBvh_qdyyy8uipf5zwG8v7UBraBcHBqxbdNwnMZE4WnUo9ekcLozbXi4DcVu7grsfzM656D9KKlhDqsvr_3S290a85uvGEJMJuGflA-3KEgy1b_V7YqS9kLKP-36uCNJC6EX4u_5sfLa0x1x3_Ek-4TjkPyD3ryVIz6q4fimyDtaEACj2l9dIYPZ5cl8CLhnjIGYYLDehbse8abksmYaFhhCi29zjoY4PnKS91Apd5-4yfFOm4ekzzesfPlKGab3LTNU_5YF320Io4W3bRi0dHctWs74KKK1cgn_1jDUIKXd1S91A6G4NqVi5bQc2o1qgc3F_L1Pmm59w5TWIPo5CBiKFYl-6GnVerMQkH7ccdxbmzsGcZLfWXydkbUozU-F5cMbTwDdG6VPd5_ahsz-iEHJtVjawAuCgK48A=&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=2645677187902464&eclog=0&im=1&_=0.503278383706372 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerBuypass AS-983163327 Subject Fingerprint8C:0B:00:37:E9:46:0D:D7:64:26:AF:BD:4B:AC:9D:E3:CA:27:CD:87 ValidityFri, 03 May 2024 21:32:33 GMT - Tue, 29 Oct 2024 22:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=2025683&pb=c8479f2faab244706e4785765d61d94c1715131673&psp=4KNBH5S5xqJXvcKALTpgJv-869qxE8mCjSMOnf913xT04glswiTnE2Ckit4RBBZX8QUxsm2hS_vjvyRwVmlbArNdDsDZE-XqWsDhcRdWZAmowpjUcRemITteT0af9raWTBki5KJKujH8GMBX29JANeE908kj33NQQ56ntpu4gbajLsl0movb9pVIYNArLbTjUtsBjqeyFV7debbOHO4rwjDDJiW4jJqKSZzjxz0Z3w5tn7BSFL4PoQBGbp8g4krsC1HWTBMb5jcDFLus_M0uwFAVAloBvh_qdyyy8uipf5zwG8v7UBraBcHBqxbdNwnMZE4WnUo9ekcLozbXi4DcVu7grsfzM656D9KKlhDqsvr_3S290a85uvGEJMJuGflA-3KEgy1b_V7YqS9kLKP-36uCNJC6EX4u_5sfLa0x1x3_Ek-4TjkPyD3ryVIz6q4fimyDtaEACj2l9dIYPZ5cl8CLhnjIGYYLDehbse8abksmYaFhhCi29zjoY4PnKS91Apd5-4yfFOm4ekzzesfPlKGab3LTNU_5YF320Io4W3bRi0dHctWs74KKK1cgn_1jDUIKXd1S91A6G4NqVi5bQc2o1qgc3F_L1Pmm59w5TWIPo5CBiKFYl-6GnVerMQkH7ccdxbmzsGcZLfWXydkbUozU-F5cMbTwDdG6VPd5_ahsz-iEHJtVjawAuCgK48A=&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=2645677187902464&eclog=0&im=1&_=0.503278383706372 HTTP/1.1
Host: pyknrhm5c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=2405071827cb9c0f6768634537b0f70c7b10
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 23:28:01 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/rum? | 104.21.40.89 | | 0 B |
URL www.amdahost.com/cdn-cgi/rum? IP104.21.40.89:0
CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 520
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=6777cbdbc1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 204 No Content
date: Tue, 07 May 2024 23:28:17 GMT
access-control-allow-origin: https://www.amdahost.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 8804fc4c6d3656bb-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| mpougdusr.com/bultykh/ipp24/7/bazinga/2020090 | 212.117.190.201 | 200 OK | 158 kB |
URL GET HTTP/2mpougdusr.com/bultykh/ipp24/7/bazinga/2020090 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerBuypass AS-983163327 Subject Fingerprint96:80:FC:87:80:4A:3B:59:5A:2E:82:5A:B8:1D:9D:47:78:21:AA:66 ValidityWed, 01 May 2024 14:41:50 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typeJavaScript source, ASCII text, with very long lines (65107) Size158 kB (158045 bytes) Hashc6ea5aedb4469e81f7d41b0eec41f409 7d7edc7b87462fb56c5e3c17c86bebad542d1d6f 72ad45cf0dd548c1f9611c35289dec90c22375b45bf1aa33d6a14ac7f896865b
GET /bultykh/ipp24/7/bazinga/2020090 HTTP/1.1
Host: mpougdusr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 23:27:52 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-269a3"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Lobster&display=swap | 142.250.74.74 | 200 OK | 1.8 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Lobster&display=swap IP142.250.74.74:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (1825), with no line terminators Hash785af4cad14c8087afd0b4ca069742ba b81dc83d9ec505a925e3da6bac340491a13460af dc804cd560b63c44aea3659ce684d8b21a4ccbe7180f953716be1e3e1c4f5274
GET /css2?family=Lobster&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 23:27:52 GMT
date: Tue, 07 May 2024 23:27:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg | 185.76.9.24 | 200 OK | 19 kB |
URL GET HTTP/2cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg IP185.76.9.24:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectfluidplayer.com Fingerprint46:64:4F:F1:3B:B5:54:D2:21:6F:9B:66:05:DF:D9:AC:7D:3C:8E:D0 ValidityMon, 06 May 2024 08:37:10 GMT - Sun, 04 Aug 2024 08:37:09 GMT
File typeSVG Scalable Vector Graphics image Hash805524b1fa0e091076d7afbf68e31133 ab696de0e85a7ce728cbe9b4131f5f4d528fb788 ad0276c58ec6a9875a2e1d39d972950763aac2e8f6262638d5868402ae2466fd
GET /v3/current/6aef4fee473c54e96ff8.svg HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 23:27:53 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:12 GMT
etag: W/"65fc34c0-4880"
expires: Fri, 22 Mar 2024 21:45:09 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH35RcAAAwBuUwKDAH3AAAAAAwBisclxAGzgVEBAA
x-77-nzt-ray: af585630291c4d70f9b83a661825ff19
x-accel-expires: @1715204756
x-accel-date: 1715118356
x-77-cache: HIT
x-77-age: 6117
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 6117
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js | 104.21.40.89 | 200 OK | 7.8 kB |
URL GET HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeJavaScript source, ASCII text, with very long lines (7849), with no line terminators Hashccb7422535b78733780907c06417085f 134151ba8a134a561b527705355dfb238934f0b0 2d23ca2ac82ebb2eb0b04437ad741bce68f87fe5a2e0c9d08caa3cebe84fbb82
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=65ec04d2b12f2693bf77151d9ae9cad7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 23:27:53 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=14400, public
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OwkrwjBdMLUYM%2Fs8SyrBJYNBauLG20fnfkCT%2B8JJ7Pjzuf1nAV2IWvJSjl8w7fHJZcDjeSaUxPkYv8fG%2FkwWji8K6ww0gi73jF5xPW28obexj9veGI2nn%2FFrDO2bfnoaAt%2Fy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804fbb9ffb456bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 142.250.74.66 | 200 OK | 0 B |
URL HEAD HTTP/2pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP142.250.74.66:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerGoogle Trust Services LLC Subject*.g.doubleclick.net Fingerprint09:C3:90:43:D3:09:4E:26:62:79:17:6F:1D:33:E5:FA:DF:77:3E:7B ValidityTue, 16 Apr 2024 03:18:52 GMT - Tue, 09 Jul 2024 03:18:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Tue, 07 May 2024 23:27:55 GMT
expires: Tue, 07 May 2024 23:27:55 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 4847198702359401631
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51551
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| zokaukree.net/5/7446033/?oo=1&js_build=iclick-v1.788.9-auto | 139.45.197.245 | 200 OK | 2.9 kB |
URL GET HTTP/2zokaukree.net/5/7446033/?oo=1&js_build=iclick-v1.788.9-auto IP139.45.197.245:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectzokaukree.net FingerprintC0:B6:2C:1B:C6:37:68:38:7C:A4:E0:F4:BF:B4:8E:D4:CA:7E:2A:F1 ValiditySun, 05 May 2024 11:48:42 GMT - Sat, 03 Aug 2024 11:48:41 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (3160), with no line terminators Hash88f09e7885ce8379f00ddf8813d9551d 6a2e34ecebadb1e00b408c32b6cf22724315d2b6 fea8347766646c9552592dab8aa5ecbe069af7abe8259034a50ebdfb82c4ae5d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /5/7446033/?oo=1&js_build=iclick-v1.788.9-auto HTTP/1.1
Host: zokaukree.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 23:27:54 GMT
content-type: application/json
x-trace-id: 02826987317833f9c51008644233bd63
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.amdahost.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0080558dd6c44fccf45ffe90bfa3e57f; expires=Wed, 07 May 2025 23:27:54 GMT; path=/; secure; SameSite=None
oaidts=1715124474; expires=Wed, 07 May 2025 23:27:54 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| zovidree.com/tag.min.js | 172.67.166.14 | 200 OK | 90 kB |
IP172.67.166.14:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectzovidree.com FingerprintE7:A2:02:40:34:64:74:90:8F:C4:F5:DA:6D:7F:08:2D:33:29:9A:FD ValidityMon, 22 Apr 2024 15:25:10 GMT - Sun, 21 Jul 2024 15:25:09 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash7573260aff69fe8406b0115ab4bcefaa f7f5c31f2481bd176a9b79deff1b7c0d4878f87c 280186476a1f8103793e2139d4654b16f61a2a1d393966388f55b8ed795ebba3
GET /tag.min.js HTTP/1.1
Host: zovidree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 23:27:53 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 1a13b2616487079790d1ad15928b1eb9
cache-control: max-age=86400
last-modified: Sun, 05 May 2024 17:51:41 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Wed, 08 May 2024 03:11:59 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 72951
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i5BAuVxKjwjWQHWFVSXdTNODYFUy0OAkl1do0hNDmCl037f2tXI3o43izpwywOPu2MUuJRNp3swMe0YQAv3pCEdqYuz%2FDTD6EXbqsjq%2FY3noqfGn6Q1ei%2FkbIFuP4OQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804fbb68e5056a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bid.mbidtg.com/tags/179977?version_name=d | 45.133.44.25 | 200 OK | 2.2 kB |
URL GET HTTP/2bid.mbidtg.com/tags/179977?version_name=d IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectbid.mbidtg.com Fingerprint62:EA:1B:EE:02:E5:88:CC:26:72:9B:BA:BF:B3:B6:2B:67:14:74:67 ValidityWed, 01 May 2024 03:00:45 GMT - Tue, 30 Jul 2024 03:00:44 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2494), with no line terminators Hash6dd06c3be91240ac87d476628c579d45 7c9f39156f3db5c6c71d1ea5a218d3b5846fa8e8 3c8c08c131dffa0910f3b5e37167775faebe95977cd2752a5471c60963851c13
GET /tags/179977?version_name=d HTTP/1.1
Host: bid.mbidtg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 23:27:53 GMT
content-type: application/json
server: nginx/1.24.0
cache-control: max-age=300, public
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans | 142.250.74.74 | 200 OK | 5.8 kB |
URL GET HTTP/3fonts.googleapis.com/css?family=Open+Sans IP142.250.74.74:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (5866), with no line terminators Hash9a9a7fec0410c78b8c7601306b9fa182 7d736470060c2cbab18d2a59c043202c2d3dbaac 6a2126bd16491c04d2f664d8acb3a7ad24ec144e02bffd62db7254bee91567f0
GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 23:28:01 GMT
date: Tue, 07 May 2024 23:28:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| js.mbidadm.com/static/scripts.js | 45.133.44.52 | 200 OK | 1.7 kB |
URL GET HTTP/2js.mbidadm.com/static/scripts.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subjectjs.mbidadm.com FingerprintCA:45:B3:CA:F7:B8:6E:BC:AD:15:14:54:8B:69:08:1F:93:CC:C1:80 ValidityThu, 18 Apr 2024 03:01:13 GMT - Wed, 17 Jul 2024 03:01:12 GMT
File typeJavaScript source, ASCII text, with very long lines (1884), with no line terminators Hash920f349834adf2faa94a7c6047814e52 34557304112fe9d61f23b8f89ceead6db43b98d4 2ddd6ffb00a0971092562d2c424678425e8496d315e38967a4ca2e26fdcfeafc
GET /static/scripts.js HTTP/1.1
Host: js.mbidadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 23:27:52 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 07 May 2024 12:02:54 GMT
etag: W/"663a186e-6c4"
content-encoding: gzip
expires: Tue, 07 May 2024 23:32:52 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| pyknrhm5c.com/get/2025683?p=2025683&jp=_clkofsccxfrtqt8ti45hl9&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=2645677187902464&eclog=0&im=1&freq=0&uf=0 | 212.117.190.201 | 200 OK | 12 kB |
URL GET HTTP/2pyknrhm5c.com/get/2025683?p=2025683&jp=_clkofsccxfrtqt8ti45hl9&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=2645677187902464&eclog=0&im=1&freq=0&uf=0 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerBuypass AS-983163327 Subject Fingerprint8C:0B:00:37:E9:46:0D:D7:64:26:AF:BD:4B:AC:9D:E3:CA:27:CD:87 ValidityFri, 03 May 2024 21:32:33 GMT - Tue, 29 Oct 2024 22:59:00 GMT
File typeASCII text, with very long lines (11569), with no line terminators Hashb1c02b5bbb19f913273fdf87f05dd978 9fae719a149934767fddb6d704bc48dca68b29c5 2145e7a53a1c5226e2207ca8b94a0ef8e657b2ceec18c98644a03fc7cf42688e
GET /get/2025683?p=2025683&jp=_clkofsccxfrtqt8ti45hl9&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=2645677187902464&eclog=0&im=1&freq=0&uf=0 HTTP/1.1
Host: pyknrhm5c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 23:27:53 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Tue, 10 Jun 2025 23:27:53 GMT; Secure; SameSite=None
UID=2405071827cb9c0f6768634537b0f70c7b10; Path=/; Expires=Tue, 10 Jun 2025 23:27:53 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| 8d80fcb421.a700fb9c8d.com/110a65cc169b283c3c7819a3fe77e180.js | 45.133.44.52 | 200 OK | 101 kB |
URL GET HTTP/28d80fcb421.a700fb9c8d.com/110a65cc169b283c3c7819a3fe77e180.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=6777cbdbc1 CertificateIssuerLet's Encrypt Subject8d80fcb421.a700fb9c8d.com Fingerprint42:A0:FF:40:15:C5:29:E2:8E:7E:8F:55:FE:A4:8A:15:E0:17:77:CF ValiditySat, 04 May 2024 02:20:27 GMT - Fri, 02 Aug 2024 02:20:26 GMT
Size101 kB (100855 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /110a65cc169b283c3c7819a3fe77e180.js HTTP/1.1
Host: 8d80fcb421.a700fb9c8d.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 23:27:54 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 06 May 2024 08:27:28 GMT
etag: W/"66389470-189f7"
content-encoding: gzip
expires: Tue, 07 May 2024 23:32:54 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|