| vjs.zencdn.net/8.10.0/video-js.css | 151.101.66.217 | 200 OK | 13 kB |
URL GET HTTP/2vjs.zencdn.net/8.10.0/video-js.css IP151.101.66.217:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGlobalSign nv-sa Subjectvjs.zencdn.net Fingerprint6B:3F:11:07:D7:05:FD:AF:4D:46:B4:BA:1C:8A:60:70:95:37:35:17 ValidityWed, 06 Mar 2024 21:50:11 GMT - Mon, 07 Apr 2025 21:50:10 GMT
File typeASCII text, with very long lines (7288) Hash27818e70d5704691d9264fe0083c5b08 b4dffd90528e8f63d54ad3a859b749344e6e00ad 92e11fbc7753b5be23fd489ba4e09c0d62d0b8c64e466845b4534934c46c85d6
GET /8.10.0/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 17 Jan 2024 12:53:07 GMT
etag: "27818e70d5704691d9264fe0083c5b08"
x-amz-server-side-encryption: AES256
content-type: text/css
content-encoding: gzip
date: Sat, 04 May 2024 17:45:03 GMT
x-served-by: cache-hel1410030-HEL
x-cache: HIT
x-cache-hits: 4
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 12695
X-Firefox-Spdy: h2
|
|
| 32879.2481april2024.com/4/js/233169 | 88.208.22.1 | 200 OK | 6.6 kB |
URL GET HTTP/232879.2481april2024.com/4/js/233169 IP88.208.22.1:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subject*.2481april2024.com FingerprintFC:0B:87:DF:4F:43:9B:81:FD:04:D2:4C:5C:79:77:1B:C6:BB:F4:49 ValidityTue, 02 Apr 2024 14:41:38 GMT - Mon, 01 Jul 2024 14:41:37 GMT
File typeJavaScript source, ASCII text, with very long lines (16647), with no line terminators Hash6e48795d2d22a8015b6bd7114a5893c6 d8214a052c003345f3d3a9e1161e6573ddf2fd99 aa2445700ec3c1385f6af21aa89c1fbf28e43edd1e089b29958e3e356f92fb05
GET /4/js/233169 HTTP/1.1
Host: 32879.2481april2024.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 17:45:03 GMT
content-type: application/javascript; charset=UTF-8
content-length: 6579
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/remixicon@4.0.0/fonts/remixicon.css | 151.101.129.229 | 200 OK | 17 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/remixicon@4.0.0/fonts/remixicon.css IP151.101.129.229:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hash373c68d52e3daa5cd7e1ae058fb6bd70 30a01afb8338555278162655e4a8e7ac57774f35 f53b0f6c14c09b5c263713876dfe7185531a3a424a91d192dfee3c5fa03493dd
GET /npm/remixicon@4.0.0/fonts/remixicon.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.0.0
x-jsd-version-type: version
etag: W/"200b1-MKAa+4M4VVJ4FiZV5KjnrFd3TzU"
content-encoding: br
accept-ranges: bytes
date: Sat, 04 May 2024 17:45:03 GMT
age: 4976993
x-served-by: cache-fra-etou8220109-FRA, cache-hel1410032-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16743
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js | 142.250.74.42 | 200 OK | 30 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js IP142.250.74.42:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30462
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 02:07:52 GMT
expires: Sat, 03 May 2025 02:07:52 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 12 Sep 2023 02:38:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 142631
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/thumbnails/1714733429_fb7d821e4d810945.jpg | 172.67.183.69 | 200 OK | 28 kB |
URL GET HTTP/3www.amdahost.com/thumbnails/1714733429_fb7d821e4d810945.jpg IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 50", baseline, precision 8, 960x540, components 3 Hash1fc81c5edbd81dca22bf1362ad1f0051 2f7cd50e9a09352e885b965394f3dc866bb42321 ffe81ce53fd2417ab33dd6326227bf0ac07730987c1f2956edf6457434aac6af
GET /thumbnails/1714733429_fb7d821e4d810945.jpg HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=165aa1cbb7
Cookie: PHPSESSID=a5aeee18425e8a63b0c1800da52c21a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:45:03 GMT
content-type: image/jpeg
content-length: 28509
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 17:45:03 GMT
etag: "6f5d-6634c175-8c4f1c;;;"
last-modified: Fri, 03 May 2024 10:50:29 GMT
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V0QiGhaU%2Fhy8KVLswn0MaxzsCsxgQiIlunHxV4HSQtiNZRanomG%2FSGzrMTtvL1Y62XX2cqFPHUxRZHXITn0uIHlaykS54NPoGxO5rlWUOzcDEOp3dvyNSngm4bvAS2x6SA9s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4d62fc3e7127-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Karla&display=swap | 142.250.74.106 | 200 OK | 844 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Karla&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hash98703c83b79dd3913415bf69f616897c 0033487fb819e5e3f96fbd6536bb222bff0ee9f8 fdaa9258e6f574228e933828b496365b1bb7dc434d0eaa23253e4af0967426b3
GET /css2?family=Karla&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 17:45:03 GMT
date: Sat, 04 May 2024 17:45:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.tailwindcss.com/3.4.3 | 104.22.21.144 | 200 OK | 116 kB |
URL GET HTTP/2cdn.tailwindcss.com/3.4.3 IP104.22.21.144:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerCloudflare, Inc. Subjecttailwindcss.com Fingerprint5F:87:FB:92:D4:93:DA:09:E3:5B:EF:92:CE:2F:47:18:3A:8A:C7:49 ValidityTue, 07 Nov 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (52292) Size116 kB (116158 bytes) Hash4bdcdace639cc6c0f08a15c295482172 6fa7ad6e87d8b19bff7e2bd0becf87d87d57be31 d2c35bf03246b0634bb22cbdc74962c8368e5e13b656e7f3cc10029da79d2e5c
GET /3.4.3 HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:04 GMT
content-type: text/javascript
cache-control: max-age=31536000
content-encoding: br
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::rn74h-1711569125689-ef02b3caf33b
last-modified: Wed, 27 Mar 2024 19:52:06 GMT
cf-cache-status: HIT
age: 336792
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4d67fc8f7128-OSL
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/media/apple-touch-icon.png | 172.67.183.69 | 200 OK | 40 kB |
URL GET HTTP/3www.amdahost.com/media/apple-touch-icon.png IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typePNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced Hash3a0b8d799ca52ea360286be206ff8fb3 2dc98f04f62990a7ab58494b8cc4c9d34f88d82b a18a7554000483027f4297e642dd6ffa175ee4028844be6e7888cd31c165972d
GET /media/apple-touch-icon.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=165aa1cbb7
Cookie: PHPSESSID=a5aeee18425e8a63b0c1800da52c21a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:45:04 GMT
content-type: image/png
content-length: 40332
last-modified: Sun, 17 Mar 2024 20:29:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1718
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i53LY5%2BpxJaKcH9XOw9seltfFEbpCjqwepuxNBObYTT0EFD%2FxLBpf0JSKj7aJ6u93ot68i9DMc6ZmHdnZPUQ2mkZw%2Fg9xJFxc0VbATGh0hKIryBTfYOTTpA%2BOcLGliOBVgaB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4d6c7bff7127-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/media/favicon-16x16.png | 172.67.183.69 | 200 OK | 936 B |
URL GET HTTP/3www.amdahost.com/media/favicon-16x16.png IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashac0cd4d64276fa91e68993406abcd43d c9af1132645f2bccfb9295a4e45cc95e8e78b7b6 bf852eabb9e0bbeb89b360a2dc4ccc1b86f2ffea3dfa78f0c2bb8747be598382
GET /media/favicon-16x16.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=165aa1cbb7
Cookie: PHPSESSID=a5aeee18425e8a63b0c1800da52c21a6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:45:04 GMT
content-type: image/png
content-length: 936
last-modified: Sun, 17 Mar 2024 20:29:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6096
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ve8W8JAck9fY4h3nHGQ5lszBQrYzJ3mljH3c6xrFXldug53DYsax0mw%2B9wzOY2AdRWv9qT3VFexmwOwHBLMYzLEqZkOyvgat77A%2FinKRqPLmxslNooQ6czaqewliUvpNGEoN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4d6c7c027127-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg | 185.76.9.15 | 200 OK | 4.6 kB |
URL GET HTTP/2cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg IP185.76.9.15:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectfluidplayer.com FingerprintCD:21:BA:85:8A:CA:A4:37:0F:0A:BD:F7:50:25:DA:75:9E:D3:FB:76 ValidityMon, 26 Feb 2024 13:51:53 GMT - Sun, 26 May 2024 13:51:52 GMT
File typegzip compressed data, from Unix Hashc3f6e69bd6b11a4f17690ca68a32f860 598a0a644130bae6fae0bf4373a0a14faad65119 4aaef4f0a69f950cac5592bddc4e36e5b33fd183fce754dc414920313644592f
GET /v3/current/6aef4fee473c54e96ff8.svg HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:04 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:12 GMT
etag: W/"65fc34c0-4880"
expires: Fri, 22 Mar 2024 21:45:09 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3EBkBAAwBuUwKDAH3AAAAAAwBisclxAGzgVEBAA
x-77-nzt-ray: c0a4cc28c9379bd020743666bcf2f430
x-accel-expires: @1714859152
x-accel-date: 1714772752
x-77-cache: HIT
x-77-age: 71952
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 71952
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| b57dqedu4.com/get/2020088?zoneid=2020088&jp=_cltp056xgdgw4zmoyuvm18&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3771558759782912&eclog=0&im=1&uf=0 | 212.117.190.201 | 200 OK | 1.6 kB |
URL GET HTTP/2b57dqedu4.com/get/2020088?zoneid=2020088&jp=_cltp056xgdgw4zmoyuvm18&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3771558759782912&eclog=0&im=1&uf=0 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerBuypass AS-983163327 Subject Fingerprint17:76:24:C2:1F:79:27:A6:BF:60:AC:48:E1:7E:44:F5:FA:36:EB:6B ValidityWed, 01 May 2024 14:25:07 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typeASCII text, with very long lines (2969), with no line terminators Hash49de771864e03808ec4194233d96cdf2 77d575537aa8d9fd9a68840e270ca3d483907505 345440546d99e0d5126482f5d093d71e7140eec6c57e9830074dfc32df02fe50
GET /get/2020088?zoneid=2020088&jp=_cltp056xgdgw4zmoyuvm18&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3771558759782912&eclog=0&im=1&uf=0 HTTP/1.1
Host: b57dqedu4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 17:45:04 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Sat, 07 Jun 2025 17:45:04 GMT; Secure; SameSite=None
UID=240504124597fea30d7a4749bfb9393ebb4e; Path=/; Expires=Sat, 07 Jun 2025 17:45:04 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Bebas+Neue&display=swap | 142.250.74.106 | 200 OK | 874 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Bebas+Neue&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hash6383fc530572003a99ccdc705d4faf0d 33348444853c25d45fa92f94c378a17ef9ee4e52 680e014f18dcf0bee058bd60c64f925e2df12d0ecfc03182e1b86aab134697ca
GET /css2?family=Bebas+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 17:45:03 GMT
date: Sat, 04 May 2024 17:45:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.pncloudfl.com/pn/082/d6d/41f/082d6d41f9bd3220a660f2a4108986b2b367f0e4.png | 104.22.59.221 | 200 OK | 43 kB |
URL GET HTTP/2cdn.pncloudfl.com/pn/082/d6d/41f/082d6d41f9bd3220a660f2a4108986b2b367f0e4.png IP104.22.59.221:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectcdn.pncloudfl.com Fingerprint50:5F:A0:91:53:C9:C9:E3:5D:EA:53:42:E8:5B:81:FB:DE:7B:1E:2C ValiditySun, 28 Apr 2024 04:53:51 GMT - Sat, 27 Jul 2024 04:53:50 GMT
File typeRIFF (little-endian) data, Web/P image Hashbec3572ed077c92240ef0dd7dc17231d e278cd647e65b5f04ba1d582d05f76d5dfafd125 eb304641419d09e779018fe3bf31596d3ed3ad0d4ab05c716ce626152aa417ec
GET /pn/082/d6d/41f/082d6d41f9bd3220a660f2a4108986b2b367f0e4.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:05 GMT
content-type: image/webp
content-length: 42912
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=66221
content-disposition: inline; filename="082d6d41f9bd3220a660f2a4108986b2b367f0e4.webp"
etag: 20c64ca88091db62ea69001a7382f005
expires: Sun, 05 May 2024 21:59:26 GMT
last-modified: Mon, 23 Dec 2019 08:43:03 GMT
vary: Accept
x-openstack-request-id: tx9d94ab9f187b4137bb135-0061b079d0
x-proxy-cache: HIT
x-timestamp: 1577090582.49776
x-trans-id: tx9d94ab9f187b4137bb135-0061b079d0
cf-cache-status: HIT
age: 71140
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 87ea4d6f694a5693-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.pncloudfl.com/pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif | 104.22.59.221 | 200 OK | 143 kB |
URL GET HTTP/2cdn.pncloudfl.com/pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif IP104.22.59.221:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectcdn.pncloudfl.com Fingerprint50:5F:A0:91:53:C9:C9:E3:5D:EA:53:42:E8:5B:81:FB:DE:7B:1E:2C ValiditySun, 28 Apr 2024 04:53:51 GMT - Sat, 27 Jul 2024 04:53:50 GMT
File typeRIFF (little-endian) data, Web/P image Size143 kB (142898 bytes) Hasha3ef7f4652e064704fb9063bd2c44761 f83f6204fcc6dd4d51a6f737641961ca5a7ce1b3 ee156c275bc22e471034353c9756885a303aed35c194098a42e017d07b0d40a8
GET /pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:05 GMT
content-type: image/webp
content-length: 142898
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=367393
content-disposition: inline; filename="60e2ff94b54c66aa2f634b00630b994c2fe7936d.webp"
etag: 9fb78950119432648d8d5fb853c3eba4
expires: Sun, 05 May 2024 21:58:29 GMT
last-modified: Tue, 02 May 2023 12:11:05 GMT
vary: Accept
x-openstack-request-id: tx607d5e6bd8c04629a2dab-0064ad512f
x-proxy-cache: HIT
x-timestamp: 1683029464.37580
x-trans-id: tx607d5e6bd8c04629a2dab-0064ad512f
cf-cache-status: HIT
age: 71196
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 87ea4d6f69445693-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mpougdusr.com/get/2020090?zoneid=2020090&jp=_cl2q5r6i0iemnavi9m38u9&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7993683410485760&eclog=0&im=1&freq=0&uf=0 | 212.117.190.201 | 200 OK | 11 kB |
URL GET HTTP/2mpougdusr.com/get/2020090?zoneid=2020090&jp=_cl2q5r6i0iemnavi9m38u9&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7993683410485760&eclog=0&im=1&freq=0&uf=0 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerBuypass AS-983163327 Subject Fingerprint96:80:FC:87:80:4A:3B:59:5A:2E:82:5A:B8:1D:9D:47:78:21:AA:66 ValidityWed, 01 May 2024 14:41:50 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typegzip compressed data, from Unix Hash6c34500ae181debd40b248f518c36706 23aa8510f1a6700c41a9999726da84d51e740c08 61ef304b681e6828b9735554abed0c68007918a8b9869094f6ddcaf2c1cd03e1
GET /get/2020090?zoneid=2020090&jp=_cl2q5r6i0iemnavi9m38u9&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7993683410485760&eclog=0&im=1&freq=0&uf=0 HTTP/1.1
Host: mpougdusr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 17:45:05 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Sat, 07 Jun 2025 17:45:05 GMT; Secure; SameSite=None
UID=2405041245b70a8420af3f41b68b15ebd748; Path=/; Expires=Sat, 07 Jun 2025 17:45:05 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| js.capndr.com/advertising.js | 45.133.44.53 | 200 OK | 0 B |
URL GET HTTP/2js.capndr.com/advertising.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectjs.capndr.com Fingerprint0D:30:A1:FB:7E:A0:EC:89:85:17:27:67:37:21:DA:E0:CB:E3:26:06 ValiditySun, 21 Apr 2024 03:00:41 GMT - Sat, 20 Jul 2024 03:00:40 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Sat, 04 May 2024 17:50:05 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/watch.php?id=165aa1cbb7 | 172.67.183.69 | 200 OK | 58 kB |
URL User Request GET HTTP/2www.amdahost.com/watch.php?id=165aa1cbb7 IP172.67.183.69:443
CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeHTML document, ASCII text, with very long lines (6442), with CRLF, LF line terminators Hash51374de797a67c397ab8bb1db3efe2f5 80263311ad2cddc99d486096515d6a9b23435bc2 b4fda5b088f1f5bdd942bbf6c17dea758fc6ee79726de3b5baec69df3929d801
GET /watch.php?id=165aa1cbb7 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:02 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=a5aeee18425e8a63b0c1800da52c21a6; path=/; domain=.amdahost.com
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YW49X6S8xJ1hI11iRSUyMpjx0%2FQUqO5Ztd0RiH3LsugYfrAag0DjMZVEQKiLZpuKet5ggpUb6Ook4GCa%2FP9W2dkJLPnyH8cTykLbAc43YF4D6ZRNVJzyB3H5kDzfAxdLPOOy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea4d5e09520b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 142.250.74.34 | 200 OK | 0 B |
URL HEAD HTTP/2pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP142.250.74.34:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGoogle Trust Services LLC Subject*.g.doubleclick.net Fingerprint09:C3:90:43:D3:09:4E:26:62:79:17:6F:1D:33:E5:FA:DF:77:3E:7B ValidityTue, 16 Apr 2024 03:18:52 GMT - Tue, 09 Jul 2024 03:18:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Sat, 04 May 2024 17:45:05 GMT
expires: Sat, 04 May 2024 17:45:05 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 4090699177778032327
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51487
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 | 104.16.79.73 | 200 OK | 6.6 kB |
URL GET HTTP/2static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 IP104.16.79.73:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGoogle Trust Services LLC Subjectcloudflareinsights.com Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00 ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT
File typeJavaScript source, ASCII text, with very long lines (19189), with no line terminators Hash4c980ee97cb5c001b4d19e2895fa5603 2c6fe998aa7486c4becd74cf253bdd82666a64c3 d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192
GET /beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:03 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.1"
last-modified: Tue, 23 Apr 2024 12:12:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4d633ac5569b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=179977 | 157.90.84.242 | 204 No Content | 0 B |
URL OPTIONS HTTP/1.1fp.metricswpsh.com/fp?tag_id=179977 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=179977 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sat, 04 May 2024 17:45:05 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.amdahost.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
|
|
| fp.metricswpsh.com/fp?tag_id=161855 | 157.90.84.242 | 204 No Content | 0 B |
URL OPTIONS HTTP/1.1fp.metricswpsh.com/fp?tag_id=161855 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=161855 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sat, 04 May 2024 17:45:05 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.amdahost.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
|
|
| da7b22a400.13199960a1.com/69e850fd67f4bef7c987ce894adc6a8e.js | 45.133.44.53 | 200 OK | 28 kB |
URL GET HTTP/2da7b22a400.13199960a1.com/69e850fd67f4bef7c987ce894adc6a8e.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectda7b22a400.13199960a1.com Fingerprint07:F4:C8:88:64:13:2A:27:21:B9:21:22:4E:39:31:C9:B4:0B:24:CD ValidityWed, 01 May 2024 02:20:21 GMT - Tue, 30 Jul 2024 02:20:20 GMT
File typegzip compressed data, from Unix Hashc222db787e2fd0f56dcdd0d3e6450c52 3998b0b4dcd9038fc6ddd1bb5d80a8a4b412985a abe3ed69ee84100141874e3ffd4956b8e15151b237c55bf6ab9c0d7358e03fe4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /69e850fd67f4bef7c987ce894adc6a8e.js HTTP/1.1
Host: da7b22a400.13199960a1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:05 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 14:24:01 GMT
etag: W/"661e8a01-17ae8"
content-encoding: gzip
expires: Sat, 04 May 2024 17:50:05 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=179977 | 157.90.84.242 | 204 No Content | 58 B |
URL OPTIONS HTTP/1.1fp.metricswpsh.com/fp?tag_id=179977 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash87385fcd2a67fc74d2fa67366ba68ea2 a604cdbb1d31ce257e8643eee9219c9c724c200c 9307cbb21345500294eae459b18a8ffb2bd2fcccd928a09efbc1e324fa9c9995
POST /fp?tag_id=179977 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1835
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 May 2024 17:45:05 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.amdahost.com
Set-Cookie: id=2659383421554989744; Expires=Sun, 04 May 2025 17:45:05 GMT; Secure; SameSite=None
Vary: Origin
|
|
| js.mbidadm.com/static/scripts.js | 45.133.44.53 | 200 OK | 1.4 kB |
URL GET HTTP/2js.mbidadm.com/static/scripts.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectjs.mbidadm.com FingerprintCA:45:B3:CA:F7:B8:6E:BC:AD:15:14:54:8B:69:08:1F:93:CC:C1:80 ValidityThu, 18 Apr 2024 03:01:13 GMT - Wed, 17 Jul 2024 03:01:12 GMT
File typegzip compressed data, from Unix Hash0c1b4cb4964b719ef1c14473968a72e1 34c5ef1a9bf914cad8243f4643a3f31422edd388 4971a02c1602e933d32c766ebf18a6d8c82f3338372078e856f3d81742e7c12a
GET /static/scripts.js HTTP/1.1
Host: js.mbidadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:03 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 23 Apr 2024 09:45:14 GMT
etag: W/"6627832a-6c4"
content-encoding: gzip
expires: Sat, 04 May 2024 17:50:03 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=161855 | 157.90.84.242 | 204 No Content | 58 B |
URL OPTIONS HTTP/1.1fp.metricswpsh.com/fp?tag_id=161855 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash87385fcd2a67fc74d2fa67366ba68ea2 a604cdbb1d31ce257e8643eee9219c9c724c200c 9307cbb21345500294eae459b18a8ffb2bd2fcccd928a09efbc1e324fa9c9995
POST /fp?tag_id=161855 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1834
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 May 2024 17:45:06 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.amdahost.com
Set-Cookie: id=7971735539920857071; Expires=Sun, 04 May 2025 17:45:06 GMT; Secure; SameSite=None
Vary: Origin
|
|
| 3fb4026cec.ffbd26c481.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI2NzA4NTkzOTE1MDM5NDU3MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjAiLCJ0YWdfaWQiOjE2MTg1NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjM1LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 | 45.133.44.52 | 200 OK | 0 B |
URL GET HTTP/23fb4026cec.ffbd26c481.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI2NzA4NTkzOTE1MDM5NDU3MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjAiLCJ0YWdfaWQiOjE2MTg1NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjM1LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subject3fb4026cec.ffbd26c481.com Fingerprint27:04:EE:66:BA:5B:49:EF:14:C8:8F:A8:F2:D9:35:3D:F6:0F:40:6A ValidityWed, 01 May 2024 02:50:26 GMT - Tue, 30 Jul 2024 02:50:25 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI2NzA4NTkzOTE1MDM5NDU3MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjAiLCJ0YWdfaWQiOjE2MTg1NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjM1LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 HTTP/1.1
Host: 3fb4026cec.ffbd26c481.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:06 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 162 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Sat, 04 May 2024 17:45:05 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jx6nWQjASJutUNp%2Fp%2FYAXe06%2Fmr%2Bde0rU%2FoCOAiGSXTpcvXkqBUrqm8FuyOW6E2cliQAjR17%2Bc06yd3vS2xrV68E6V1oJMmyzH2prh8acVbjPO8Ak7XKpIiPn55jC5unQZVxllv83r28mA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea4d739f6eb511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| js.mbidinp.com/npc/sdk/wpu/npush.m.js | 45.133.44.52 | 200 OK | 46 kB |
URL GET HTTP/2js.mbidinp.com/npc/sdk/wpu/npush.m.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectjs.mbidinp.com FingerprintB8:EA:0B:88:14:F5:73:F1:FE:F1:D5:59:09:E6:70:08:F2:1C:4A:5C ValidityMon, 22 Apr 2024 03:00:30 GMT - Sun, 21 Jul 2024 03:00:29 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashe164f0fc509991890121aa763019689d 16f901a89a57f87c90d6cea80cff9f8bd32756dc fdd439b2c8d28676c5e03847afc19252a3d6d88a670ba48db4ac020866c6b6ec
GET /npc/sdk/wpu/npush.m.js HTTP/1.1
Host: js.mbidinp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:05 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 25 Apr 2024 13:18:02 GMT
etag: W/"662a580a-29278"
content-encoding: gzip
expires: Sat, 04 May 2024 17:50:05 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 74.125.131.84 | 302 Found | 0 B |
URL GET HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP74.125.131.84:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGoogle Trust Services LLC Subjectaccounts.google.com Fingerprint9A:72:A8:C3:56:5C:93:B4:72:C7:5B:1B:60:BB:0F:3E:1E:C4:1B:67 ValidityTue, 16 Apr 2024 04:20:36 GMT - Tue, 09 Jul 2024 04:20:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:TGD_DB_cHjERLHVjXhjLJ1KAfwDXaQ:YQ1z9oAPT78agZdl; Expires=Mon, 04-May-2026 17:45:06 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 17:45:06 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwc2PhmxK6lPbEJzarmU3GkKrTsvjM25Ar_HhUJTL6aM6lq226OWLeC6o-b2wO0BFmK6dwnPQ
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-T9_ViDmT37wipb0dWN6SCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| mbdippex.com/in/multy | 94.130.198.6 | 204 No Content | 2.5 kB |
IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashcddccc2d105042b57692d0815b5725c1 c3b1a459c206fd3c444969508601da98722abc11 cc5bd73b658f72f9eaeec85ee49b7ff2e55af5f699ca126113c966244f2e3bbe
POST /in/multy HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2165
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 17:45:06 GMT
content-type: application/json
content-length: 2456
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| mbdippex.com/in/show/?tag_ab=c&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D165aa1cbb7&refdom=www.amdahost.com&auction_time=1714844706&subid=1211831614&sid=1981786523&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D165aa1cbb7%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D165aa1cbb7%26idzone%3D0%26sid%3D1886&icons=bFO__v_URvnVXnK-WSTY2el53BilYVgFTozbrewJ9foL7voTJq8hNS-HpgpXf31c12t48JMV4I0S2NcdkaRdwzTCRuErRl8W4xth9JQMLKdvq0sAaa0W_qUBkLMqY5I7fFT5t0jkdAxXRQFo8Z-UMxePzouujKDCAQ9sNppdDLssFqjRZw&ext_cid=0&px_id=560190&min_cpm=0.10770581248510722&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=4165368421541241441&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.037768329370715545&cpm=0&verify_hash=433434bb2649a6d7866cbd83146067f6&is_native=4&real_bid=0.0009639254951533079&original_bid_usd=0.0027488739999999997&original_bid=0.0027488739999999997&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=stage-skins-settings,test_skins&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027488739999999997&hostname=auc-inpage-hz-5-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027488739999999998&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.03&cpa=9175c1f7-30f3-477a-b652-2693356a346a&prev_step_diff=854 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/2mbdippex.com/in/show/?tag_ab=c&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D165aa1cbb7&refdom=www.amdahost.com&auction_time=1714844706&subid=1211831614&sid=1981786523&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D165aa1cbb7%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D165aa1cbb7%26idzone%3D0%26sid%3D1886&icons=bFO__v_URvnVXnK-WSTY2el53BilYVgFTozbrewJ9foL7voTJq8hNS-HpgpXf31c12t48JMV4I0S2NcdkaRdwzTCRuErRl8W4xth9JQMLKdvq0sAaa0W_qUBkLMqY5I7fFT5t0jkdAxXRQFo8Z-UMxePzouujKDCAQ9sNppdDLssFqjRZw&ext_cid=0&px_id=560190&min_cpm=0.10770581248510722&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=4165368421541241441&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.037768329370715545&cpm=0&verify_hash=433434bb2649a6d7866cbd83146067f6&is_native=4&real_bid=0.0009639254951533079&original_bid_usd=0.0027488739999999997&original_bid=0.0027488739999999997&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=stage-skins-settings,test_skins&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027488739999999997&hostname=auc-inpage-hz-5-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027488739999999998&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.03&cpa=9175c1f7-30f3-477a-b652-2693356a346a&prev_step_diff=854 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=c&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D165aa1cbb7&refdom=www.amdahost.com&auction_time=1714844706&subid=1211831614&sid=1981786523&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D165aa1cbb7%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D165aa1cbb7%26idzone%3D0%26sid%3D1886&icons=bFO__v_URvnVXnK-WSTY2el53BilYVgFTozbrewJ9foL7voTJq8hNS-HpgpXf31c12t48JMV4I0S2NcdkaRdwzTCRuErRl8W4xth9JQMLKdvq0sAaa0W_qUBkLMqY5I7fFT5t0jkdAxXRQFo8Z-UMxePzouujKDCAQ9sNppdDLssFqjRZw&ext_cid=0&px_id=560190&min_cpm=0.10770581248510722&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=4165368421541241441&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.037768329370715545&cpm=0&verify_hash=433434bb2649a6d7866cbd83146067f6&is_native=4&real_bid=0.0009639254951533079&original_bid_usd=0.0027488739999999997&original_bid=0.0027488739999999997&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=stage-skins-settings,test_skins&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027488739999999997&hostname=auc-inpage-hz-5-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027488739999999998&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.03&cpa=9175c1f7-30f3-477a-b652-2693356a346a&prev_step_diff=854 HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 17:45:06 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwc2PhmxK6lPbEJzarmU3GkKrTsvjM25Ar_HhUJTL6aM6lq226OWLeC6o-b2wO0BFmK6dwnPQ | 74.125.131.84 | 302 Found | 428 B |
URL GET HTTP/2accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwc2PhmxK6lPbEJzarmU3GkKrTsvjM25Ar_HhUJTL6aM6lq226OWLeC6o-b2wO0BFmK6dwnPQ IP74.125.131.84:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGoogle Trust Services LLC Subjectaccounts.google.com Fingerprint9A:72:A8:C3:56:5C:93:B4:72:C7:5B:1B:60:BB:0F:3E:1E:C4:1B:67 ValidityTue, 16 Apr 2024 04:20:36 GMT - Tue, 09 Jul 2024 04:20:35 GMT
File typeHTML document, ASCII text, with very long lines (404) Hash66e589680aa1896c4c024a76a180c3dd fe788c82904d92b82dcc818c1846a6a6e1aed1dd ed5f85321291b755c0947b89a0dccab6e31547b70d7239d72fd481561608b0a7
GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwc2PhmxK6lPbEJzarmU3GkKrTsvjM25Ar_HhUJTL6aM6lq226OWLeC6o-b2wO0BFmK6dwnPQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:gEjW5K4rAIhGBpl8b19uRW-Z8ekllQ:mMnWDALA2hMQFVId;Path=/;Expires=Mon, 04-May-2026 17:45:06 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 17:45:06 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQz7eY25_yHJ4hXYik5lZc6STh7llpGMmK7ROqgvFu9cQjjxqSMZdPdy_ZOokg884a5I5mi2sw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-16573019%3A1714844706903509&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-pLd_evF5WDAn8i67M9mk0w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 428
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| js.wpshsdk.com/npc/sdk/push.m.js?v=1 | 45.133.44.52 | 200 OK | 15 kB |
URL GET HTTP/2js.wpshsdk.com/npc/sdk/push.m.js?v=1 IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectjs.wpshsdk.com Fingerprint7C:0A:CB:08:AD:6F:60:55:9E:07:7C:F7:07:AC:DD:CF:DF:AB:01:FD ValidityWed, 20 Mar 2024 05:01:38 GMT - Tue, 18 Jun 2024 05:01:37 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (33497), with no line terminators Hasha069fdae233705c69db53cdddf953015 2dcfb71c08faa8c09be0196751a3b7f08afbb2e0 8358b4d2ef244f2c763073105b21a552b4589aafcf9b46e128820b35a34f7d9a
GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:06 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Sat, 27 Apr 2024 11:13:42 GMT
etag: W/"662cdde6-845a"
content-encoding: gzip
expires: Sat, 04 May 2024 17:50:06 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.03&cpa=da2884e5-f5dc-49b0-9c98-928426f2c7bc&prev_step_diff=854 | 45.133.44.25 | 200 OK | 486 B |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.03&cpa=da2884e5-f5dc-49b0-9c98-928426f2c7bc&prev_step_diff=854 IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hashceeb4e8840c24621c0e0352b42b38a5b 03cbceb0134a39267014595938705e2916580644 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.03&cpa=da2884e5-f5dc-49b0-9c98-928426f2c7bc&prev_step_diff=854 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:07 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Sun, 04 May 2025 17:45:07 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp | 45.133.44.25 | 200 OK | 1.1 kB |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp Hash2a11e13b2bd67bb9a6cb347d7c73df13 b85460a33f9b229f42c08a6a94ae433a4d5c32ab 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:07 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Sun, 04 May 2025 17:45:07 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.03&cpa=165b5814-23e3-4e7e-be8f-92b339af58c5&prev_step_diff=854 | 45.133.44.25 | 200 OK | 486 B |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.03&cpa=165b5814-23e3-4e7e-be8f-92b339af58c5&prev_step_diff=854 IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hashceeb4e8840c24621c0e0352b42b38a5b 03cbceb0134a39267014595938705e2916580644 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.03&cpa=165b5814-23e3-4e7e-be8f-92b339af58c5&prev_step_diff=854 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:07 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Sun, 04 May 2025 17:45:07 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp | 45.133.44.25 | 200 OK | 1.1 kB |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp Hash2a11e13b2bd67bb9a6cb347d7c73df13 b85460a33f9b229f42c08a6a94ae433a4d5c32ab 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:07 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Sun, 04 May 2025 17:45:07 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mpougdusr.com/chicken.gif?z=2020090&pb=2de8bbcf5368d894a7e59eb93891a7b51714851905&psp=zTic0g66XoCGbFKCYhwqy-8hPPsxL2DXHZZ-dTDvoOvgVmEBhd2elSRN1hfvTfYJfOZl_guFSqdnfB0MZqI2Lvb2UGUpXluvNTvsq8MidO0rolLD2jMCjb0poVA_CS0dJhZZ_e6Ne65pQfAPApW2gCV-koFRarnZt_7hMAa5Qsku4fRJ6CLOXubkL1RENQBHIpQ4WydjM0A1ru6-yu97upY26vEMb-CVc0obc9ZtVu7C9WRZfixgMYftM8apPKvOayKZ0q2r6hUO54r5Pb_6lrIW8NtxMaEgwEh2iNKm09Z393uJ12evEAB6cUsPI67VEg4PESAjcXYWO0dzASq5lEPHwUl8afYa41kPuTmRoeUz071WCB-JvIc2LjwrDyjkyDHRAefLQ6IF1iE9O9mrE6970laD6_jgEA_vBPPnUEd1L7xxxemA2Wd53aZcobwEmLix3gU0Q9HkOkI0Z_YrVRtlhhjp0HYfYTWmgTtW-HivPusY7gEeWL7duejzSJa5VthcWOB4zwjYm_e2Dj07JyRjIpY0VXd0iZ4Cq5IOpg9Q-_xqLEPSiboPK1BeC4WeDQw5PgUX3i-C52szcsR7zN1qdpvdchRa0PlcE-iQPlTYUJHd0hTg6ct5pSo70KSagVq2TPLG7TSkGMPBRScaObYiq02d-eR8v8dCmDy5sx4DkKQsW0vN4pXpd_3CQJKIk59F3XIbddNW02Olba_yrMoBEUPmVv-e8kRioHVlV0qhW4vsE4ZwFmGvyORT7zGLeSYdISKB0liOltVHy4pSMQ4H61BKJcSe8fCbFChowCbs0Ffn9jKgBlYi1qrnWuRdUzsz-_7ipeYrffcqpGVkFQswZvxJXaeJ3U9hfa__tp-kjLRzXOyj2OuOgpHpNbwdiwelgdZZHXikDbv-T71G4Rba70ord2WHy5A__3pf5J9Gmo_Y9qn5UFzKdOGeSdkN6UATuOHyCEZ3nycQNBZ7fUkCeXC8p1jbCLF01NcrwbvKEJ48e3Lhl-iPTMFsL8wchPdGm7af7lGb13AseW31cJUZ6O0G2DpwQ3a1cVugyjJfPZfr1WysH_llhkzluG0tUw2PsHMhcTU_F5YJpQOjMXSSq_LWgOX57GRaiT0JVxtJ5avZzrhErprVvNGoH_2QV87nf1Lcw6Ffum77gU5owMPp5cOzLg8qAcEQSUzoTQvaQACd7m8OTBECDFZtqEq8If0OG1E70jUAyQNHAv021uyGI3cSeFu-5eKeNFmxUsa8HUPYTCx28sV5PJ1tiQmhFAxDaBM75v2uxwkuyirlzGW39qK5yN-ejQX7AYba7146KY_lIbSuforytwg3vXNjki3jtXNxUC90FuxCwT5wFd_38mjjSL0tx-ts3Ab8iffZzJMWSsQsACrGkInCjSM3HEN8ZDmkyY8ZMRYYMJROg9R6yFifi7ZRZ3mv7daLirL_vU6sovLfjsDxxsn-7HzSZQSzxK5tjZrwC3R58BtSOi7BbfwGg0iiNVqTuJlX8wXZsfOSwcZGeUc6QcFdJHR8nF0L-Id0S0_rSCC3aYC4C45nXPXrnp3PQdkx62DO6dDmenROhRWglE8i5o0nYg-uWSkgqyI1AUt8xZGhsZKwmNDiXI_O1NOx4ROs3sOnC4mH6Y_e_vAhb66a77an51-BlFXHCUpEMI97b8D46HmLHm7SfR02GSwgX8kR2G5MlMxGFpFDQzAAv0lPbKgn4Y1wuZlv3AuaW8POHZbG_SYBeXKkALdjwXsTn1IXD7s__qnE4jS8ATiYelAW5Q==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7993683410485760&eclog=0&im=1 | 212.117.190.201 | 200 OK | 43 B |
URL GET HTTP/2mpougdusr.com/chicken.gif?z=2020090&pb=2de8bbcf5368d894a7e59eb93891a7b51714851905&psp=zTic0g66XoCGbFKCYhwqy-8hPPsxL2DXHZZ-dTDvoOvgVmEBhd2elSRN1hfvTfYJfOZl_guFSqdnfB0MZqI2Lvb2UGUpXluvNTvsq8MidO0rolLD2jMCjb0poVA_CS0dJhZZ_e6Ne65pQfAPApW2gCV-koFRarnZt_7hMAa5Qsku4fRJ6CLOXubkL1RENQBHIpQ4WydjM0A1ru6-yu97upY26vEMb-CVc0obc9ZtVu7C9WRZfixgMYftM8apPKvOayKZ0q2r6hUO54r5Pb_6lrIW8NtxMaEgwEh2iNKm09Z393uJ12evEAB6cUsPI67VEg4PESAjcXYWO0dzASq5lEPHwUl8afYa41kPuTmRoeUz071WCB-JvIc2LjwrDyjkyDHRAefLQ6IF1iE9O9mrE6970laD6_jgEA_vBPPnUEd1L7xxxemA2Wd53aZcobwEmLix3gU0Q9HkOkI0Z_YrVRtlhhjp0HYfYTWmgTtW-HivPusY7gEeWL7duejzSJa5VthcWOB4zwjYm_e2Dj07JyRjIpY0VXd0iZ4Cq5IOpg9Q-_xqLEPSiboPK1BeC4WeDQw5PgUX3i-C52szcsR7zN1qdpvdchRa0PlcE-iQPlTYUJHd0hTg6ct5pSo70KSagVq2TPLG7TSkGMPBRScaObYiq02d-eR8v8dCmDy5sx4DkKQsW0vN4pXpd_3CQJKIk59F3XIbddNW02Olba_yrMoBEUPmVv-e8kRioHVlV0qhW4vsE4ZwFmGvyORT7zGLeSYdISKB0liOltVHy4pSMQ4H61BKJcSe8fCbFChowCbs0Ffn9jKgBlYi1qrnWuRdUzsz-_7ipeYrffcqpGVkFQswZvxJXaeJ3U9hfa__tp-kjLRzXOyj2OuOgpHpNbwdiwelgdZZHXikDbv-T71G4Rba70ord2WHy5A__3pf5J9Gmo_Y9qn5UFzKdOGeSdkN6UATuOHyCEZ3nycQNBZ7fUkCeXC8p1jbCLF01NcrwbvKEJ48e3Lhl-iPTMFsL8wchPdGm7af7lGb13AseW31cJUZ6O0G2DpwQ3a1cVugyjJfPZfr1WysH_llhkzluG0tUw2PsHMhcTU_F5YJpQOjMXSSq_LWgOX57GRaiT0JVxtJ5avZzrhErprVvNGoH_2QV87nf1Lcw6Ffum77gU5owMPp5cOzLg8qAcEQSUzoTQvaQACd7m8OTBECDFZtqEq8If0OG1E70jUAyQNHAv021uyGI3cSeFu-5eKeNFmxUsa8HUPYTCx28sV5PJ1tiQmhFAxDaBM75v2uxwkuyirlzGW39qK5yN-ejQX7AYba7146KY_lIbSuforytwg3vXNjki3jtXNxUC90FuxCwT5wFd_38mjjSL0tx-ts3Ab8iffZzJMWSsQsACrGkInCjSM3HEN8ZDmkyY8ZMRYYMJROg9R6yFifi7ZRZ3mv7daLirL_vU6sovLfjsDxxsn-7HzSZQSzxK5tjZrwC3R58BtSOi7BbfwGg0iiNVqTuJlX8wXZsfOSwcZGeUc6QcFdJHR8nF0L-Id0S0_rSCC3aYC4C45nXPXrnp3PQdkx62DO6dDmenROhRWglE8i5o0nYg-uWSkgqyI1AUt8xZGhsZKwmNDiXI_O1NOx4ROs3sOnC4mH6Y_e_vAhb66a77an51-BlFXHCUpEMI97b8D46HmLHm7SfR02GSwgX8kR2G5MlMxGFpFDQzAAv0lPbKgn4Y1wuZlv3AuaW8POHZbG_SYBeXKkALdjwXsTn1IXD7s__qnE4jS8ATiYelAW5Q==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7993683410485760&eclog=0&im=1 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerBuypass AS-983163327 Subject Fingerprint96:80:FC:87:80:4A:3B:59:5A:2E:82:5A:B8:1D:9D:47:78:21:AA:66 ValidityWed, 01 May 2024 14:41:50 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=2020090&pb=2de8bbcf5368d894a7e59eb93891a7b51714851905&psp=zTic0g66XoCGbFKCYhwqy-8hPPsxL2DXHZZ-dTDvoOvgVmEBhd2elSRN1hfvTfYJfOZl_guFSqdnfB0MZqI2Lvb2UGUpXluvNTvsq8MidO0rolLD2jMCjb0poVA_CS0dJhZZ_e6Ne65pQfAPApW2gCV-koFRarnZt_7hMAa5Qsku4fRJ6CLOXubkL1RENQBHIpQ4WydjM0A1ru6-yu97upY26vEMb-CVc0obc9ZtVu7C9WRZfixgMYftM8apPKvOayKZ0q2r6hUO54r5Pb_6lrIW8NtxMaEgwEh2iNKm09Z393uJ12evEAB6cUsPI67VEg4PESAjcXYWO0dzASq5lEPHwUl8afYa41kPuTmRoeUz071WCB-JvIc2LjwrDyjkyDHRAefLQ6IF1iE9O9mrE6970laD6_jgEA_vBPPnUEd1L7xxxemA2Wd53aZcobwEmLix3gU0Q9HkOkI0Z_YrVRtlhhjp0HYfYTWmgTtW-HivPusY7gEeWL7duejzSJa5VthcWOB4zwjYm_e2Dj07JyRjIpY0VXd0iZ4Cq5IOpg9Q-_xqLEPSiboPK1BeC4WeDQw5PgUX3i-C52szcsR7zN1qdpvdchRa0PlcE-iQPlTYUJHd0hTg6ct5pSo70KSagVq2TPLG7TSkGMPBRScaObYiq02d-eR8v8dCmDy5sx4DkKQsW0vN4pXpd_3CQJKIk59F3XIbddNW02Olba_yrMoBEUPmVv-e8kRioHVlV0qhW4vsE4ZwFmGvyORT7zGLeSYdISKB0liOltVHy4pSMQ4H61BKJcSe8fCbFChowCbs0Ffn9jKgBlYi1qrnWuRdUzsz-_7ipeYrffcqpGVkFQswZvxJXaeJ3U9hfa__tp-kjLRzXOyj2OuOgpHpNbwdiwelgdZZHXikDbv-T71G4Rba70ord2WHy5A__3pf5J9Gmo_Y9qn5UFzKdOGeSdkN6UATuOHyCEZ3nycQNBZ7fUkCeXC8p1jbCLF01NcrwbvKEJ48e3Lhl-iPTMFsL8wchPdGm7af7lGb13AseW31cJUZ6O0G2DpwQ3a1cVugyjJfPZfr1WysH_llhkzluG0tUw2PsHMhcTU_F5YJpQOjMXSSq_LWgOX57GRaiT0JVxtJ5avZzrhErprVvNGoH_2QV87nf1Lcw6Ffum77gU5owMPp5cOzLg8qAcEQSUzoTQvaQACd7m8OTBECDFZtqEq8If0OG1E70jUAyQNHAv021uyGI3cSeFu-5eKeNFmxUsa8HUPYTCx28sV5PJ1tiQmhFAxDaBM75v2uxwkuyirlzGW39qK5yN-ejQX7AYba7146KY_lIbSuforytwg3vXNjki3jtXNxUC90FuxCwT5wFd_38mjjSL0tx-ts3Ab8iffZzJMWSsQsACrGkInCjSM3HEN8ZDmkyY8ZMRYYMJROg9R6yFifi7ZRZ3mv7daLirL_vU6sovLfjsDxxsn-7HzSZQSzxK5tjZrwC3R58BtSOi7BbfwGg0iiNVqTuJlX8wXZsfOSwcZGeUc6QcFdJHR8nF0L-Id0S0_rSCC3aYC4C45nXPXrnp3PQdkx62DO6dDmenROhRWglE8i5o0nYg-uWSkgqyI1AUt8xZGhsZKwmNDiXI_O1NOx4ROs3sOnC4mH6Y_e_vAhb66a77an51-BlFXHCUpEMI97b8D46HmLHm7SfR02GSwgX8kR2G5MlMxGFpFDQzAAv0lPbKgn4Y1wuZlv3AuaW8POHZbG_SYBeXKkALdjwXsTn1IXD7s__qnE4jS8ATiYelAW5Q==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7993683410485760&eclog=0&im=1 HTTP/1.1
Host: mpougdusr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=2405041245b70a8420af3f41b68b15ebd748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 17:45:07 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 665 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hashd0ea202547de78f5ea119286bcc690b6 ce72e998507a29ac0d1a182e5f1787097883958a b7ae740787300ecb1d105bb6cfad4b693ff103a1ef590ca17ed861ca0fef979a
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Sat, 04 May 2024 17:45:07 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2goxf9lwrU0IkwP5YiM%2BIA7YmLse6kn989vSrTODf8J0e9w8j%2Fb1aN7xhHVmhUYXYkxoySIwTPSJKf3nZexaRg4iU4SpAahwN6nEKcOdunX1fBO75hW5xbvovfkhBjPGhUD3zm6zTN8S0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea4d7c6df4b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mcpuwpsh.com/get/ | 94.130.197.240 | 200 OK | 6.4 kB |
IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hash6521a651faa275bab10e94677fef0920 844dca3706261d31a06318a980089a7b656cd306 392a0a5519b7f7904f8842254aa4143f3dfbf69c5c566e3d8c694b3a2a2cee56
POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1402
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.16.0
date: Sat, 04 May 2024 17:45:08 GMT
content-type: application/json
content-length: 6390
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| mpougdusr.com/chicken.gif?z=2020090&pb=2de8bbcf5368d894a7e59eb93891a7b51714851905&psp=2I8YKuvEAq2OsFa2S3x1Kwp4jFiriJNRrqkysanK0Z9Otq1INofa0L60NEZYD-VDes-mR-UpKNbJ6riWKZl4uANC_xWtAlsl5XzxEtUsqIqmY7-GWywPzUAE0O8u8a3OFJySIHjJEdAukvT-wPD2Oz8VqxTgqnIwF2FcWOxDdIhH2F0yhoYs6u6v47WT12bZYMLa6LL9jmoLJ4cu3hfX5o50LQLtHW2LhTNwV-87LxZYSzWCbcpmMplVq9VXrZimqEdWBnYTxEZ7TIl7PwiFBo1HuemB_Acwg9DfN-CliOWnDX6WtWaG5Tlel26EzQeEwi_fPNd3yt-eaE9ZDxC5wseVmJPqYn2Gt-fTR9EQSRz7xPqGksMBoRS_mUY-3DklLp_c0dTxjvQJtxoRpXKVvNBZUYW5t33NdsYigChbWm1Tu2Mw1v_9Q1IuRxPxEetodpiNGZJfENDQYmblWua8-7exWh4BdmYqXDWtJcUAYiDRSs8mysM4GUTDLDaUAn08eeUjWH6ZMDZ1b4-jV0dwQZeyWHe8Pt4ng9_Xq_7amEv6yyFJT8ElwhlCqeXMmgA35ugMPKgJpqpOc4w4P46byCb3kOV4p7ejsXOfMUKaKt1ZIvmjNms3EdD_lfTxSYrDaksRM4pF_QuwmR7IrXuRc8xkTm-bm75v3YQhNzhd82XPhB3X75JBJQdgcPghayhHvvqWV9BL5AF6BSyeFfDu_9J_FUHTlBmWWUnWqdyBqR_ci9V1hxT_h5KX_8mPKf6MhP7D0OpbVVMq4BJjJ0J0suSf3olGTTuRJpcRS-YxKM7_mxlMFku4sfKuYykdGycHWFchij3cmXPnFJyd7O0alhYMSFd4QDSFXo9Cdx17Ce-A40pN79PqfFqtenEuAC5GQsc_75sofJruQCRHRIBkUBnbgclt_63N6uKbIZNUd3Ny5TBFwrOhuvC_GKPMN9s46-w7rZ5dl5Z-ZmoflvQncMbPn0SPzdud9YPy-lKMP1AjlpmrpurYxAfCUbWMTmRFkccItXbptf45d7zG5O5Xzu5kbyFkKKtgrw-4-5UJCitUnQ-t0JqwQdOLtv67WmVtfoXdSIVgn1SPYWRCIwo1rX-NVWo_i_UYJzey3DTCo5zFORKJgjwL6eJ_G0rD4vspKEHL03VMeOhyntNcXWbu36ADTZwLDIkBdv1ly0KzhJv1LxWmy2sbkw5ZZl63GLRsootLaBDdtB-xw5vuBplMbxv72d1-ZjP85Q7GC5Ic64_DGJEKbUr5fzuvEuSbXQ6SOXyeJW9lPI8ByyVtenAu0-bGqJLuH50zEy2HpaySGej9afGC-Ko4d8WFmoXfDWvqMoZ0FyMzTsviw6JSwVxAGbxtS8JjOlzmDBbRzaN3phAwz86FL0kiAg3mYU49t2jTO8Bnev4Q_WlQwW81L5zpTWoNfPu3IAZKePywW3aHo2W2syR756F0VKEFfRShNBcPrzYBAJLRHuc6NDdIS15eTBzZxBYiB56uLuK5NyMw7ONNfJtTRyKUEfYFheYvvV-3yV38tLnJZcZyUG_rTqDc_qpdIWraGIJJg6tx847xzyTJDwLursbAc9wDOgFIMFJBneVKjjOoBpLkyZlw4eeq7NFK6Y8LW5osibzW8xh_4mbvaoZ54KhSeVT6forDOjKOJnvwBu7opj_z7XepbI2GCvv0bVsAgyni247vOm2IBcf1aZ6YfDrkPI9Xs2ZddGLnAcKHb3eWCq_yOC0rhy4nuDAnX-2VEpXO6mUQV_xo7gVDjpS02v0lUn7SnTdMqeeZ2G9f1tlAH1oTdP4vzQuEldBr4td27xYT32y7sXHOtZaxozoViDz5ieTCr4I5LUxAGwj-_-3MyZ2WlSQJFvCRiudKcsFrAPd2prfcK6PlERHxhi9okyUYx9csOemrLmXJDTEOvIGrX930CrY5gAORtzzg9KLivSsV4tlSDXKO0Ytn5pChYIuYBf1SJJ-9WYWWxp80lUvIYhVbZ13suXeyVHon5oL2oev86TgR5Ll8Ti1oMVkmKoce33oriTihLpS-A6N7tei5R3MQjWnJrLbOJb6KELr7J6mH8A7q0zZ-md20B168d_FnS5KO_tOgJrbPRsWIYitmv58T2Y_dPr6fKm27MwDPCusgy8Wf0CMZegCFNmeeSLootOx9aOH77ibAp03CNYxBHkAxj2GfeBzOuE_YA4_b8hOeuEQ4n-Qp2DHMW9dAH_oUE2cGVZrQLiYfrJnU-9U3GEADSlYPI0_Kx-DCckJond9L8BSTMJ7d_Aail0ByFMu4p_yV4IGbesM5YfaPx_WuwN3igN3kcYD5FREN83uqHcWLzi3LYCrA1pbGM-iFT49D7-D7WFAk2nnIcWzRIwtrv6Ing4FtGqTn0mKg0y4z7-vOC2CFYXDP0YfZy5T2HdUrsx0kVYS8GBGWYDsDSevJogWFDYAeBB5RBYpHSht0TRdWc6rQlqHqaHPXRcQ8V2FgNufYkw--dRnmMUpwDXfgm3SijHCf6rtV2Zu4REfzL3Qh_T8m_u-v-7cj_UD0QHjRCbNW0QCzGLncbpQdBYyV_rTxxC7nFReACgswafRnwvx-MnbdXSBJA9NLpGiHnVjiYVLy04yC-S9ioNrkFMfkomiBcV4oKL9L8obhe6GH_lJ03obvX6R7ZYThzAMhYLXAgg98o_EfydIRdz0GkX1CcsRRgLRAF1-TVBhQ8JGPsBNCYK0Qh--xrxbJhUS45lcLibS7kQCnNZr5uRkVOMcGCueUQMLdClIzEoWXE2QuyFBR0ihGCz2T32MgVtPm5BywbwhsivA4uefXdxbxVvkF5ojYfQTVf8a6sLTC-E5HU1Wk_pxMO3zFBOBoH9Y-l2yi9a--3HRW_QlvSZJapWc2dlXs42sh0dS9J3x-Y5_efW-mn_cHn07myJQVuKqVHbdGjUlG15brVAp894ok_uJIZXyr3I5tkDRtY9FHjQU_PpvfRA7s4Nk5PgaXaN7f0AHkG_SmUglh3kYZZljs7h_N9vEsvKINQC8Kciv5Y0lvZX-SDNRk2HQoDeSdeAN4bjXsSVlr0eC2SL9w28p2_oUCuIblVf2PMOrtpSVRwJgQnWHd3VY1LZD0LtLiH_seE7J5itTZX-M0ded4tIIEn6sGYwy6xW1GuLeSJtsVwK_Le1UhNZyXLFFCJQFgsPzpUhCZuhGdQUk87DqBGPQsIZm8dWunSCl-tzsR2UNsdzZnPkfl5DRTYtKwT6espueJthdjHlKr2w_C6ScbGh_QowIP42gv4EFj_WgfI1Jeyq5PKQ3ldkDKTFVDQocVmlrU1FwnfY23OjOXHdQpbgbtnWHdF7tOn_8SLCEJkuPJ1UhOoi5U7T6vkogwVOZWl_Sb_NQF_-iy44ckMAuCQmqO09DoM0BMfo5QqYYzVshDpwKYOA0jMcAre6FEwWC2SdPCVZPlp1z83LT9pR6KWgxfRWULboMToRwxXOuLGoq9K7hpxXjSJRtrHHp96bZ7gBSmXrhZqwOl-Sriwy6bzUvkIfhrgCGGUleBqmRYo1981htP1Q6V131z3Yl55wCWhm1PGMz9KO5Cp5-WWFVnZBg8r3NGHnaJHs5KlFfv6vOU2npihzMfOxuLe31M4k3K8iE8vfBgBHwoUEmKacEBVANnCk4pja4iWz_FZL2WsQZ5d06fFawbQxvH8hgQEtS7S6bcVYG2IqT8HFpzknk77usNiREZtBhQ_Ng39sKrda6FOZlk3wLNqbkLPAIaaJAH6hfK66SH4dUDl2YUfykgv9GDf8ScOrQDG_wGxzz94KlifK4KwsyjmB1eBPbbAPwZViPI89tFdBL1B8rHY9SrLxVqlxIv1CtY5iTyL1XKcgfjScH8vYC3z-1cN8L3CDhRV_z-cqMrDQx4TRY25lQIQS9FTkwz8z4zaWle34ciytAMIBn6-TkanpsTfxeTWv1DNjV1jvxjq1fCxSCbh1n_GPYm10NlbxC4S9EYr_JrJbpxIW_NE3yL9Czo0ASt5WMQk5jFzm2oqx_8GysndP8KgZSeShh3ZDxzU_JPoajFT152zKidLqKPd5748uRJeFXXqgG7YEEebf9lQUm8xMAs5O4vy4kFNuv07h9m7Q==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7993683410485760&eclog=0&im=1 | 212.117.190.201 | 200 OK | 43 B |
URL GET HTTP/2mpougdusr.com/chicken.gif?z=2020090&pb=2de8bbcf5368d894a7e59eb93891a7b51714851905&psp=2I8YKuvEAq2OsFa2S3x1Kwp4jFiriJNRrqkysanK0Z9Otq1INofa0L60NEZYD-VDes-mR-UpKNbJ6riWKZl4uANC_xWtAlsl5XzxEtUsqIqmY7-GWywPzUAE0O8u8a3OFJySIHjJEdAukvT-wPD2Oz8VqxTgqnIwF2FcWOxDdIhH2F0yhoYs6u6v47WT12bZYMLa6LL9jmoLJ4cu3hfX5o50LQLtHW2LhTNwV-87LxZYSzWCbcpmMplVq9VXrZimqEdWBnYTxEZ7TIl7PwiFBo1HuemB_Acwg9DfN-CliOWnDX6WtWaG5Tlel26EzQeEwi_fPNd3yt-eaE9ZDxC5wseVmJPqYn2Gt-fTR9EQSRz7xPqGksMBoRS_mUY-3DklLp_c0dTxjvQJtxoRpXKVvNBZUYW5t33NdsYigChbWm1Tu2Mw1v_9Q1IuRxPxEetodpiNGZJfENDQYmblWua8-7exWh4BdmYqXDWtJcUAYiDRSs8mysM4GUTDLDaUAn08eeUjWH6ZMDZ1b4-jV0dwQZeyWHe8Pt4ng9_Xq_7amEv6yyFJT8ElwhlCqeXMmgA35ugMPKgJpqpOc4w4P46byCb3kOV4p7ejsXOfMUKaKt1ZIvmjNms3EdD_lfTxSYrDaksRM4pF_QuwmR7IrXuRc8xkTm-bm75v3YQhNzhd82XPhB3X75JBJQdgcPghayhHvvqWV9BL5AF6BSyeFfDu_9J_FUHTlBmWWUnWqdyBqR_ci9V1hxT_h5KX_8mPKf6MhP7D0OpbVVMq4BJjJ0J0suSf3olGTTuRJpcRS-YxKM7_mxlMFku4sfKuYykdGycHWFchij3cmXPnFJyd7O0alhYMSFd4QDSFXo9Cdx17Ce-A40pN79PqfFqtenEuAC5GQsc_75sofJruQCRHRIBkUBnbgclt_63N6uKbIZNUd3Ny5TBFwrOhuvC_GKPMN9s46-w7rZ5dl5Z-ZmoflvQncMbPn0SPzdud9YPy-lKMP1AjlpmrpurYxAfCUbWMTmRFkccItXbptf45d7zG5O5Xzu5kbyFkKKtgrw-4-5UJCitUnQ-t0JqwQdOLtv67WmVtfoXdSIVgn1SPYWRCIwo1rX-NVWo_i_UYJzey3DTCo5zFORKJgjwL6eJ_G0rD4vspKEHL03VMeOhyntNcXWbu36ADTZwLDIkBdv1ly0KzhJv1LxWmy2sbkw5ZZl63GLRsootLaBDdtB-xw5vuBplMbxv72d1-ZjP85Q7GC5Ic64_DGJEKbUr5fzuvEuSbXQ6SOXyeJW9lPI8ByyVtenAu0-bGqJLuH50zEy2HpaySGej9afGC-Ko4d8WFmoXfDWvqMoZ0FyMzTsviw6JSwVxAGbxtS8JjOlzmDBbRzaN3phAwz86FL0kiAg3mYU49t2jTO8Bnev4Q_WlQwW81L5zpTWoNfPu3IAZKePywW3aHo2W2syR756F0VKEFfRShNBcPrzYBAJLRHuc6NDdIS15eTBzZxBYiB56uLuK5NyMw7ONNfJtTRyKUEfYFheYvvV-3yV38tLnJZcZyUG_rTqDc_qpdIWraGIJJg6tx847xzyTJDwLursbAc9wDOgFIMFJBneVKjjOoBpLkyZlw4eeq7NFK6Y8LW5osibzW8xh_4mbvaoZ54KhSeVT6forDOjKOJnvwBu7opj_z7XepbI2GCvv0bVsAgyni247vOm2IBcf1aZ6YfDrkPI9Xs2ZddGLnAcKHb3eWCq_yOC0rhy4nuDAnX-2VEpXO6mUQV_xo7gVDjpS02v0lUn7SnTdMqeeZ2G9f1tlAH1oTdP4vzQuEldBr4td27xYT32y7sXHOtZaxozoViDz5ieTCr4I5LUxAGwj-_-3MyZ2WlSQJFvCRiudKcsFrAPd2prfcK6PlERHxhi9okyUYx9csOemrLmXJDTEOvIGrX930CrY5gAORtzzg9KLivSsV4tlSDXKO0Ytn5pChYIuYBf1SJJ-9WYWWxp80lUvIYhVbZ13suXeyVHon5oL2oev86TgR5Ll8Ti1oMVkmKoce33oriTihLpS-A6N7tei5R3MQjWnJrLbOJb6KELr7J6mH8A7q0zZ-md20B168d_FnS5KO_tOgJrbPRsWIYitmv58T2Y_dPr6fKm27MwDPCusgy8Wf0CMZegCFNmeeSLootOx9aOH77ibAp03CNYxBHkAxj2GfeBzOuE_YA4_b8hOeuEQ4n-Qp2DHMW9dAH_oUE2cGVZrQLiYfrJnU-9U3GEADSlYPI0_Kx-DCckJond9L8BSTMJ7d_Aail0ByFMu4p_yV4IGbesM5YfaPx_WuwN3igN3kcYD5FREN83uqHcWLzi3LYCrA1pbGM-iFT49D7-D7WFAk2nnIcWzRIwtrv6Ing4FtGqTn0mKg0y4z7-vOC2CFYXDP0YfZy5T2HdUrsx0kVYS8GBGWYDsDSevJogWFDYAeBB5RBYpHSht0TRdWc6rQlqHqaHPXRcQ8V2FgNufYkw--dRnmMUpwDXfgm3SijHCf6rtV2Zu4REfzL3Qh_T8m_u-v-7cj_UD0QHjRCbNW0QCzGLncbpQdBYyV_rTxxC7nFReACgswafRnwvx-MnbdXSBJA9NLpGiHnVjiYVLy04yC-S9ioNrkFMfkomiBcV4oKL9L8obhe6GH_lJ03obvX6R7ZYThzAMhYLXAgg98o_EfydIRdz0GkX1CcsRRgLRAF1-TVBhQ8JGPsBNCYK0Qh--xrxbJhUS45lcLibS7kQCnNZr5uRkVOMcGCueUQMLdClIzEoWXE2QuyFBR0ihGCz2T32MgVtPm5BywbwhsivA4uefXdxbxVvkF5ojYfQTVf8a6sLTC-E5HU1Wk_pxMO3zFBOBoH9Y-l2yi9a--3HRW_QlvSZJapWc2dlXs42sh0dS9J3x-Y5_efW-mn_cHn07myJQVuKqVHbdGjUlG15brVAp894ok_uJIZXyr3I5tkDRtY9FHjQU_PpvfRA7s4Nk5PgaXaN7f0AHkG_SmUglh3kYZZljs7h_N9vEsvKINQC8Kciv5Y0lvZX-SDNRk2HQoDeSdeAN4bjXsSVlr0eC2SL9w28p2_oUCuIblVf2PMOrtpSVRwJgQnWHd3VY1LZD0LtLiH_seE7J5itTZX-M0ded4tIIEn6sGYwy6xW1GuLeSJtsVwK_Le1UhNZyXLFFCJQFgsPzpUhCZuhGdQUk87DqBGPQsIZm8dWunSCl-tzsR2UNsdzZnPkfl5DRTYtKwT6espueJthdjHlKr2w_C6ScbGh_QowIP42gv4EFj_WgfI1Jeyq5PKQ3ldkDKTFVDQocVmlrU1FwnfY23OjOXHdQpbgbtnWHdF7tOn_8SLCEJkuPJ1UhOoi5U7T6vkogwVOZWl_Sb_NQF_-iy44ckMAuCQmqO09DoM0BMfo5QqYYzVshDpwKYOA0jMcAre6FEwWC2SdPCVZPlp1z83LT9pR6KWgxfRWULboMToRwxXOuLGoq9K7hpxXjSJRtrHHp96bZ7gBSmXrhZqwOl-Sriwy6bzUvkIfhrgCGGUleBqmRYo1981htP1Q6V131z3Yl55wCWhm1PGMz9KO5Cp5-WWFVnZBg8r3NGHnaJHs5KlFfv6vOU2npihzMfOxuLe31M4k3K8iE8vfBgBHwoUEmKacEBVANnCk4pja4iWz_FZL2WsQZ5d06fFawbQxvH8hgQEtS7S6bcVYG2IqT8HFpzknk77usNiREZtBhQ_Ng39sKrda6FOZlk3wLNqbkLPAIaaJAH6hfK66SH4dUDl2YUfykgv9GDf8ScOrQDG_wGxzz94KlifK4KwsyjmB1eBPbbAPwZViPI89tFdBL1B8rHY9SrLxVqlxIv1CtY5iTyL1XKcgfjScH8vYC3z-1cN8L3CDhRV_z-cqMrDQx4TRY25lQIQS9FTkwz8z4zaWle34ciytAMIBn6-TkanpsTfxeTWv1DNjV1jvxjq1fCxSCbh1n_GPYm10NlbxC4S9EYr_JrJbpxIW_NE3yL9Czo0ASt5WMQk5jFzm2oqx_8GysndP8KgZSeShh3ZDxzU_JPoajFT152zKidLqKPd5748uRJeFXXqgG7YEEebf9lQUm8xMAs5O4vy4kFNuv07h9m7Q==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7993683410485760&eclog=0&im=1 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerBuypass AS-983163327 Subject Fingerprint96:80:FC:87:80:4A:3B:59:5A:2E:82:5A:B8:1D:9D:47:78:21:AA:66 ValidityWed, 01 May 2024 14:41:50 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=2020090&pb=2de8bbcf5368d894a7e59eb93891a7b51714851905&psp=2I8YKuvEAq2OsFa2S3x1Kwp4jFiriJNRrqkysanK0Z9Otq1INofa0L60NEZYD-VDes-mR-UpKNbJ6riWKZl4uANC_xWtAlsl5XzxEtUsqIqmY7-GWywPzUAE0O8u8a3OFJySIHjJEdAukvT-wPD2Oz8VqxTgqnIwF2FcWOxDdIhH2F0yhoYs6u6v47WT12bZYMLa6LL9jmoLJ4cu3hfX5o50LQLtHW2LhTNwV-87LxZYSzWCbcpmMplVq9VXrZimqEdWBnYTxEZ7TIl7PwiFBo1HuemB_Acwg9DfN-CliOWnDX6WtWaG5Tlel26EzQeEwi_fPNd3yt-eaE9ZDxC5wseVmJPqYn2Gt-fTR9EQSRz7xPqGksMBoRS_mUY-3DklLp_c0dTxjvQJtxoRpXKVvNBZUYW5t33NdsYigChbWm1Tu2Mw1v_9Q1IuRxPxEetodpiNGZJfENDQYmblWua8-7exWh4BdmYqXDWtJcUAYiDRSs8mysM4GUTDLDaUAn08eeUjWH6ZMDZ1b4-jV0dwQZeyWHe8Pt4ng9_Xq_7amEv6yyFJT8ElwhlCqeXMmgA35ugMPKgJpqpOc4w4P46byCb3kOV4p7ejsXOfMUKaKt1ZIvmjNms3EdD_lfTxSYrDaksRM4pF_QuwmR7IrXuRc8xkTm-bm75v3YQhNzhd82XPhB3X75JBJQdgcPghayhHvvqWV9BL5AF6BSyeFfDu_9J_FUHTlBmWWUnWqdyBqR_ci9V1hxT_h5KX_8mPKf6MhP7D0OpbVVMq4BJjJ0J0suSf3olGTTuRJpcRS-YxKM7_mxlMFku4sfKuYykdGycHWFchij3cmXPnFJyd7O0alhYMSFd4QDSFXo9Cdx17Ce-A40pN79PqfFqtenEuAC5GQsc_75sofJruQCRHRIBkUBnbgclt_63N6uKbIZNUd3Ny5TBFwrOhuvC_GKPMN9s46-w7rZ5dl5Z-ZmoflvQncMbPn0SPzdud9YPy-lKMP1AjlpmrpurYxAfCUbWMTmRFkccItXbptf45d7zG5O5Xzu5kbyFkKKtgrw-4-5UJCitUnQ-t0JqwQdOLtv67WmVtfoXdSIVgn1SPYWRCIwo1rX-NVWo_i_UYJzey3DTCo5zFORKJgjwL6eJ_G0rD4vspKEHL03VMeOhyntNcXWbu36ADTZwLDIkBdv1ly0KzhJv1LxWmy2sbkw5ZZl63GLRsootLaBDdtB-xw5vuBplMbxv72d1-ZjP85Q7GC5Ic64_DGJEKbUr5fzuvEuSbXQ6SOXyeJW9lPI8ByyVtenAu0-bGqJLuH50zEy2HpaySGej9afGC-Ko4d8WFmoXfDWvqMoZ0FyMzTsviw6JSwVxAGbxtS8JjOlzmDBbRzaN3phAwz86FL0kiAg3mYU49t2jTO8Bnev4Q_WlQwW81L5zpTWoNfPu3IAZKePywW3aHo2W2syR756F0VKEFfRShNBcPrzYBAJLRHuc6NDdIS15eTBzZxBYiB56uLuK5NyMw7ONNfJtTRyKUEfYFheYvvV-3yV38tLnJZcZyUG_rTqDc_qpdIWraGIJJg6tx847xzyTJDwLursbAc9wDOgFIMFJBneVKjjOoBpLkyZlw4eeq7NFK6Y8LW5osibzW8xh_4mbvaoZ54KhSeVT6forDOjKOJnvwBu7opj_z7XepbI2GCvv0bVsAgyni247vOm2IBcf1aZ6YfDrkPI9Xs2ZddGLnAcKHb3eWCq_yOC0rhy4nuDAnX-2VEpXO6mUQV_xo7gVDjpS02v0lUn7SnTdMqeeZ2G9f1tlAH1oTdP4vzQuEldBr4td27xYT32y7sXHOtZaxozoViDz5ieTCr4I5LUxAGwj-_-3MyZ2WlSQJFvCRiudKcsFrAPd2prfcK6PlERHxhi9okyUYx9csOemrLmXJDTEOvIGrX930CrY5gAORtzzg9KLivSsV4tlSDXKO0Ytn5pChYIuYBf1SJJ-9WYWWxp80lUvIYhVbZ13suXeyVHon5oL2oev86TgR5Ll8Ti1oMVkmKoce33oriTihLpS-A6N7tei5R3MQjWnJrLbOJb6KELr7J6mH8A7q0zZ-md20B168d_FnS5KO_tOgJrbPRsWIYitmv58T2Y_dPr6fKm27MwDPCusgy8Wf0CMZegCFNmeeSLootOx9aOH77ibAp03CNYxBHkAxj2GfeBzOuE_YA4_b8hOeuEQ4n-Qp2DHMW9dAH_oUE2cGVZrQLiYfrJnU-9U3GEADSlYPI0_Kx-DCckJond9L8BSTMJ7d_Aail0ByFMu4p_yV4IGbesM5YfaPx_WuwN3igN3kcYD5FREN83uqHcWLzi3LYCrA1pbGM-iFT49D7-D7WFAk2nnIcWzRIwtrv6Ing4FtGqTn0mKg0y4z7-vOC2CFYXDP0YfZy5T2HdUrsx0kVYS8GBGWYDsDSevJogWFDYAeBB5RBYpHSht0TRdWc6rQlqHqaHPXRcQ8V2FgNufYkw--dRnmMUpwDXfgm3SijHCf6rtV2Zu4REfzL3Qh_T8m_u-v-7cj_UD0QHjRCbNW0QCzGLncbpQdBYyV_rTxxC7nFReACgswafRnwvx-MnbdXSBJA9NLpGiHnVjiYVLy04yC-S9ioNrkFMfkomiBcV4oKL9L8obhe6GH_lJ03obvX6R7ZYThzAMhYLXAgg98o_EfydIRdz0GkX1CcsRRgLRAF1-TVBhQ8JGPsBNCYK0Qh--xrxbJhUS45lcLibS7kQCnNZr5uRkVOMcGCueUQMLdClIzEoWXE2QuyFBR0ihGCz2T32MgVtPm5BywbwhsivA4uefXdxbxVvkF5ojYfQTVf8a6sLTC-E5HU1Wk_pxMO3zFBOBoH9Y-l2yi9a--3HRW_QlvSZJapWc2dlXs42sh0dS9J3x-Y5_efW-mn_cHn07myJQVuKqVHbdGjUlG15brVAp894ok_uJIZXyr3I5tkDRtY9FHjQU_PpvfRA7s4Nk5PgaXaN7f0AHkG_SmUglh3kYZZljs7h_N9vEsvKINQC8Kciv5Y0lvZX-SDNRk2HQoDeSdeAN4bjXsSVlr0eC2SL9w28p2_oUCuIblVf2PMOrtpSVRwJgQnWHd3VY1LZD0LtLiH_seE7J5itTZX-M0ded4tIIEn6sGYwy6xW1GuLeSJtsVwK_Le1UhNZyXLFFCJQFgsPzpUhCZuhGdQUk87DqBGPQsIZm8dWunSCl-tzsR2UNsdzZnPkfl5DRTYtKwT6espueJthdjHlKr2w_C6ScbGh_QowIP42gv4EFj_WgfI1Jeyq5PKQ3ldkDKTFVDQocVmlrU1FwnfY23OjOXHdQpbgbtnWHdF7tOn_8SLCEJkuPJ1UhOoi5U7T6vkogwVOZWl_Sb_NQF_-iy44ckMAuCQmqO09DoM0BMfo5QqYYzVshDpwKYOA0jMcAre6FEwWC2SdPCVZPlp1z83LT9pR6KWgxfRWULboMToRwxXOuLGoq9K7hpxXjSJRtrHHp96bZ7gBSmXrhZqwOl-Sriwy6bzUvkIfhrgCGGUleBqmRYo1981htP1Q6V131z3Yl55wCWhm1PGMz9KO5Cp5-WWFVnZBg8r3NGHnaJHs5KlFfv6vOU2npihzMfOxuLe31M4k3K8iE8vfBgBHwoUEmKacEBVANnCk4pja4iWz_FZL2WsQZ5d06fFawbQxvH8hgQEtS7S6bcVYG2IqT8HFpzknk77usNiREZtBhQ_Ng39sKrda6FOZlk3wLNqbkLPAIaaJAH6hfK66SH4dUDl2YUfykgv9GDf8ScOrQDG_wGxzz94KlifK4KwsyjmB1eBPbbAPwZViPI89tFdBL1B8rHY9SrLxVqlxIv1CtY5iTyL1XKcgfjScH8vYC3z-1cN8L3CDhRV_z-cqMrDQx4TRY25lQIQS9FTkwz8z4zaWle34ciytAMIBn6-TkanpsTfxeTWv1DNjV1jvxjq1fCxSCbh1n_GPYm10NlbxC4S9EYr_JrJbpxIW_NE3yL9Czo0ASt5WMQk5jFzm2oqx_8GysndP8KgZSeShh3ZDxzU_JPoajFT152zKidLqKPd5748uRJeFXXqgG7YEEebf9lQUm8xMAs5O4vy4kFNuv07h9m7Q==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7993683410485760&eclog=0&im=1 HTTP/1.1
Host: mpougdusr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=2405041245b70a8420af3f41b68b15ebd748
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 17:45:08 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACl2VgAAAAAAAAAB; Path=/; Expires=Mon, 03 Jun 2024 17:45:08 GMT; Secure; SameSite=None
OACIBLOCK=ACl2VgAAAABmNmmQ; Path=/; Expires=Mon, 03 Jun 2024 17:45:08 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 6.5 kB |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
File typeHTML document, ASCII text, with very long lines (6380), with CRLF line terminators Hash8a587ded1f07a6a82e5e181e55127f84 43fe104580701e596784f5765bdbd908b3c4e38b 314ecc6803e67e5f66304c564b763fc411e8323fc3483601cf4af79fac657869
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Sat, 04 May 2024 17:45:07 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y4Ezsww0Hnx4fS%2BDTcQlA%2Fz5XAtFVy0m9Qi%2F0fVhHC%2BweD15IKwKHg20%2FtaCc1BAcdmb%2F%2F6BYaFQpx6fKic8XOH223FysyqkfGVIvvb81TEl0DVIVqwPy1DcySqdLfwExLnsbWCzjZ%2FtRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea4d77be67b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| nereserv.com/in/dip?site=native-push&wl=1&event_id=e4a34c26-be06-4f41-a3e8-9df3cfea8566&subid=1511354673&sid=3842308737&spot_id=529500&created_at=2024-05-04&timezone=0&ver=8.159.0&is_native=1 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/2nereserv.com/in/dip?site=native-push&wl=1&event_id=e4a34c26-be06-4f41-a3e8-9df3cfea8566&subid=1511354673&sid=3842308737&spot_id=529500&created_at=2024-05-04&timezone=0&ver=8.159.0&is_native=1 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=e4a34c26-be06-4f41-a3e8-9df3cfea8566&subid=1511354673&sid=3842308737&spot_id=529500&created_at=2024-05-04&timezone=0&ver=8.159.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 17:45:10 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 324 B |
URL GET HTTP/3storage.mbidstorage.com/log/count.html IP104.21.65.172:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectmbidstorage.com Fingerprint8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 ValiditySat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash5aebd17d44825463dc5d20a0fd8b6061 fd05ef614c535a8934771c6fea5b5fdebd105ecb 698865e01b55bfdcc7135031fa7f59454b3153cca7f68c414e801c74a21e8291
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Sat, 04 May 2024 17:45:07 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P33fZybxo5dE2ODH8aM3lPxJzMRfkzmJgn7C9wPdXnC3KlJ747yLItJDq3a2zB4GL%2Fa0hBBXIN2SGCY9va4o%2FX53lGqx1FNDWYS5LUgz9a7MEhiXyHSdcuMBiNGMJmfOBDIp%2BmBTUH6JKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea4d7f6a5cb511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 5d39fe7c75.2ac4fce9b8.com/in/multy | 94.130.198.6 | 200 OK | 4.3 kB |
URL POST HTTP/25d39fe7c75.2ac4fce9b8.com/in/multy IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subject2ac4fce9b8.com Fingerprint98:AB:7F:A9:60:1A:91:AC:3C:20:E1:6B:57:8E:E0:AA:25:8F:4F:E1 ValidityTue, 30 Apr 2024 14:01:58 GMT - Mon, 29 Jul 2024 14:01:57 GMT
Hash26a6f7c393116cc03d8a46bf0c6108d4 57776161ac500819abfd5de57c44b57cf7109b74 e821e7d4566df8a93899122ff5621cc4177208783c97c9816b67738e0e97f935
POST /in/multy HTTP/1.1
Host: 5d39fe7c75.2ac4fce9b8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2382
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 17:45:11 GMT
content-type: application/json
content-length: 4292
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.12&cpa=0203182e-8cde-4901-a65d-8b81be570236&prev_step_diff=1343 | 45.133.44.25 | 200 OK | 486 B |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.12&cpa=0203182e-8cde-4901-a65d-8b81be570236&prev_step_diff=1343 IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hashceeb4e8840c24621c0e0352b42b38a5b 03cbceb0134a39267014595938705e2916580644 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.12&cpa=0203182e-8cde-4901-a65d-8b81be570236&prev_step_diff=1343 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:12 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Sun, 04 May 2025 17:45:12 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp | 45.133.44.25 | 200 OK | 1.1 kB |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp Hash2a11e13b2bd67bb9a6cb347d7c73df13 b85460a33f9b229f42c08a6a94ae433a4d5c32ab 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:12 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Sun, 04 May 2025 17:45:12 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 32879.2481april2024.com/jC1ED40xOQznZtczvVjGLSdOmtkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmqKluL6KdAQfSr5OvE0n-g7Ms7WuYNqWijxy2A?kws=video&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D165aa1cbb7&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Sat%20May%2004%202024%2017%3A45%3A04%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 | 88.208.22.1 | 200 OK | 1.7 kB |
URL GET HTTP/232879.2481april2024.com/jC1ED40xOQznZtczvVjGLSdOmtkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmqKluL6KdAQfSr5OvE0n-g7Ms7WuYNqWijxy2A?kws=video&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D165aa1cbb7&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Sat%20May%2004%202024%2017%3A45%3A04%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 IP88.208.22.1:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subject*.2481april2024.com FingerprintFC:0B:87:DF:4F:43:9B:81:FD:04:D2:4C:5C:79:77:1B:C6:BB:F4:49 ValidityTue, 02 Apr 2024 14:41:38 GMT - Mon, 01 Jul 2024 14:41:37 GMT
File typegzip compressed data, from Unix Hashd46a0b21e7866aec5f5859bc97daa519 78209ccd6fcf632dbf80fc123c20d3189ab7ff9e ff5c8173e7e1631b01e2bec4206198561a0c177394487a6498142037f55fe3fe
GET /jC1ED40xOQznZtczvVjGLSdOmtkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmqKluL6KdAQfSr5OvE0n-g7Ms7WuYNqWijxy2A?kws=video&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D165aa1cbb7&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Sat%20May%2004%202024%2017%3A45%3A04%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 HTTP/1.1
Host: 32879.2481april2024.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 17:45:08 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://www.amdahost.com
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
last-modified: Sat, 04 May 2024 17:45:08 UTC
expires: Sat, 04 May 2024 17:45:08 UTC
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 5d39fe7c75.2ac4fce9b8.com/in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D165aa1cbb7&refdom=www.amdahost.com&auction_time=1714844711&subid=1511354673&sid=3842308737&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=14185762356588688897&score=58.204278956034564&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D165aa1cbb7%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=107563&crtid=2c48922f67f3db239f07842af569ad8e&url=http%3A%2F%2Fargodol.com%2Fie%3Fv%3D4%26c%3Dwmi348PO7nU6_TtL3l6HZCdPiyoxiZ8XV93C16-NtIZxe_OGDzW65lBYTWxN2meioLoT-qf6K7mz_W4hzdR5RqOXRenYFZdxU21H22v9rdgxCAGqGUYyAxBMTPPMdA5-SL2C2Gmhc4mfop4bceCzpqJyFelsRuwS91MiMktLX6B-AeA3mc1vcDnukQmo_Fjg50SIJRAYcXfyHgymFm4AV17JcLVLuI0YkyNzGSHiltccVRxpsOlUaRs8rRiOoB-x6Mona5T3wooWvHC8TU_s9Uwmtl6_RauSfdVo3Hd4Xt0eVzQfs_3LMfD0aBFRZgvbNMCiU5GFb4XOAhm6x1f4mpoy7_W8hyytla5t-JmG-glx9Kwpam0Q1lzgiQnfRctkwJ9fFFCMdf7VgTgxhr4rv2gPdDa5yrTUKCEDhhnUMluPU1cHB68nrRPurbP1QPgts_mCl__RfQ_uLlti71BN0YYubr6Xy8DAZCeo4sPsJc3e_qSjhsZ2Ycf6P1rXNgqLi8bT_jTklJquLNk2iG3GOw7EwuVqC5anBh14mnFNEBwdtppqnJgKALaHe6dkcMEMWR9HQ_o%3D&icons=EhU_f81x7V7LWDZuRjlYIGKxAG2cY6lW3FJhUW3Z80uiQOOd_ALh2BLOQjSSWsB4vy8g5MNWHHaxM_OKAEO_zKwMWSCie7L6AJEQ6eKwpwtwn5AkaISbrWlVzqDxf_SMwBqEjoT4buGDX1StwtbUwtNqtv1pAI8Ij9BoPzJ20eH7ckBwX0x4x_9Ja9aQjF_jOTtQovlfc4ClULApUKyAJelRfQ7wem1cIvfObjXkzk5Anwq5Z1z2BwKYZ1WtohofvHTz27ihFlEDZEYbKJq-2V7JyLj5bISaqg22vg4o-xD5SCpYXy3fzGkfYPTyFkkMrQMHBBSmrmZn_FRqZ0pmW69Gi43x3XW5nQX-GVXek6fJ-CPV6a_E_T8G60eGwKAgbg-VWlz1xtulLwM_L_8xZAwa6eEFJSiOZh4v7DVWeACiqwbqze-Y0L8QFkAy9gzZ5QV7VY46cT_qc5-moUh5SxIovP-N1sFXwAYLegRUelCXnwejK2gMbkYx8queWAPANhTiCQB0MudYYIHLRhALAl0Pp5K0SaUaZbDB6K72vbGiKGSX-fHErtRPphhGHsDV5sMnlM3XC8zNqal9NIAg9ANyP0XipWQRBdX-v619Ydo8uZivKb7SVQrYdcnBFQcgoSJC6fkq_1Tn6nu6Sz54F3--EfdRwy17u17ppyWH5ClI1AtAbPly4h-4bxuq5b0NRQ&ext_cid=0&px_id=31529500&min_cpm=0.06355637635485391&out_id=0&campaign_type=mq&aid=291&cid=2928&uniq=&mid=4178039338996310046&skin_id=71&vertical_id=11&skin_test=0&from_cache=0&ecpm=0.07372380614598437&cpm=0&verify_hash=e2fe64a267f168baf02ac06ffdb66dd7&is_native=1&real_bid=0.0031886250525712872&original_bid_usd=0.00375&original_bid=0.00375&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=101,4,11,93&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=1714902311&image_url=https%3A%2F%2Fimg.vmmcdn.com%2Fget%2F61863514%2F551812_image.jpg&site=native-push-adult&price=0.00375&hostname=auc-inpage-hz-6-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000037499999999999997&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.12&cpa=e3b0b298-c220-44c6-8d99-2bc359ff023c&prev_step_diff=1343 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/25d39fe7c75.2ac4fce9b8.com/in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D165aa1cbb7&refdom=www.amdahost.com&auction_time=1714844711&subid=1511354673&sid=3842308737&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=14185762356588688897&score=58.204278956034564&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D165aa1cbb7%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=107563&crtid=2c48922f67f3db239f07842af569ad8e&url=http%3A%2F%2Fargodol.com%2Fie%3Fv%3D4%26c%3Dwmi348PO7nU6_TtL3l6HZCdPiyoxiZ8XV93C16-NtIZxe_OGDzW65lBYTWxN2meioLoT-qf6K7mz_W4hzdR5RqOXRenYFZdxU21H22v9rdgxCAGqGUYyAxBMTPPMdA5-SL2C2Gmhc4mfop4bceCzpqJyFelsRuwS91MiMktLX6B-AeA3mc1vcDnukQmo_Fjg50SIJRAYcXfyHgymFm4AV17JcLVLuI0YkyNzGSHiltccVRxpsOlUaRs8rRiOoB-x6Mona5T3wooWvHC8TU_s9Uwmtl6_RauSfdVo3Hd4Xt0eVzQfs_3LMfD0aBFRZgvbNMCiU5GFb4XOAhm6x1f4mpoy7_W8hyytla5t-JmG-glx9Kwpam0Q1lzgiQnfRctkwJ9fFFCMdf7VgTgxhr4rv2gPdDa5yrTUKCEDhhnUMluPU1cHB68nrRPurbP1QPgts_mCl__RfQ_uLlti71BN0YYubr6Xy8DAZCeo4sPsJc3e_qSjhsZ2Ycf6P1rXNgqLi8bT_jTklJquLNk2iG3GOw7EwuVqC5anBh14mnFNEBwdtppqnJgKALaHe6dkcMEMWR9HQ_o%3D&icons=EhU_f81x7V7LWDZuRjlYIGKxAG2cY6lW3FJhUW3Z80uiQOOd_ALh2BLOQjSSWsB4vy8g5MNWHHaxM_OKAEO_zKwMWSCie7L6AJEQ6eKwpwtwn5AkaISbrWlVzqDxf_SMwBqEjoT4buGDX1StwtbUwtNqtv1pAI8Ij9BoPzJ20eH7ckBwX0x4x_9Ja9aQjF_jOTtQovlfc4ClULApUKyAJelRfQ7wem1cIvfObjXkzk5Anwq5Z1z2BwKYZ1WtohofvHTz27ihFlEDZEYbKJq-2V7JyLj5bISaqg22vg4o-xD5SCpYXy3fzGkfYPTyFkkMrQMHBBSmrmZn_FRqZ0pmW69Gi43x3XW5nQX-GVXek6fJ-CPV6a_E_T8G60eGwKAgbg-VWlz1xtulLwM_L_8xZAwa6eEFJSiOZh4v7DVWeACiqwbqze-Y0L8QFkAy9gzZ5QV7VY46cT_qc5-moUh5SxIovP-N1sFXwAYLegRUelCXnwejK2gMbkYx8queWAPANhTiCQB0MudYYIHLRhALAl0Pp5K0SaUaZbDB6K72vbGiKGSX-fHErtRPphhGHsDV5sMnlM3XC8zNqal9NIAg9ANyP0XipWQRBdX-v619Ydo8uZivKb7SVQrYdcnBFQcgoSJC6fkq_1Tn6nu6Sz54F3--EfdRwy17u17ppyWH5ClI1AtAbPly4h-4bxuq5b0NRQ&ext_cid=0&px_id=31529500&min_cpm=0.06355637635485391&out_id=0&campaign_type=mq&aid=291&cid=2928&uniq=&mid=4178039338996310046&skin_id=71&vertical_id=11&skin_test=0&from_cache=0&ecpm=0.07372380614598437&cpm=0&verify_hash=e2fe64a267f168baf02ac06ffdb66dd7&is_native=1&real_bid=0.0031886250525712872&original_bid_usd=0.00375&original_bid=0.00375&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=101,4,11,93&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=1714902311&image_url=https%3A%2F%2Fimg.vmmcdn.com%2Fget%2F61863514%2F551812_image.jpg&site=native-push-adult&price=0.00375&hostname=auc-inpage-hz-6-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000037499999999999997&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.12&cpa=e3b0b298-c220-44c6-8d99-2bc359ff023c&prev_step_diff=1343 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subject2ac4fce9b8.com Fingerprint98:AB:7F:A9:60:1A:91:AC:3C:20:E1:6B:57:8E:E0:AA:25:8F:4F:E1 ValidityTue, 30 Apr 2024 14:01:58 GMT - Mon, 29 Jul 2024 14:01:57 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D165aa1cbb7&refdom=www.amdahost.com&auction_time=1714844711&subid=1511354673&sid=3842308737&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=14185762356588688897&score=58.204278956034564&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D165aa1cbb7%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=107563&crtid=2c48922f67f3db239f07842af569ad8e&url=http%3A%2F%2Fargodol.com%2Fie%3Fv%3D4%26c%3Dwmi348PO7nU6_TtL3l6HZCdPiyoxiZ8XV93C16-NtIZxe_OGDzW65lBYTWxN2meioLoT-qf6K7mz_W4hzdR5RqOXRenYFZdxU21H22v9rdgxCAGqGUYyAxBMTPPMdA5-SL2C2Gmhc4mfop4bceCzpqJyFelsRuwS91MiMktLX6B-AeA3mc1vcDnukQmo_Fjg50SIJRAYcXfyHgymFm4AV17JcLVLuI0YkyNzGSHiltccVRxpsOlUaRs8rRiOoB-x6Mona5T3wooWvHC8TU_s9Uwmtl6_RauSfdVo3Hd4Xt0eVzQfs_3LMfD0aBFRZgvbNMCiU5GFb4XOAhm6x1f4mpoy7_W8hyytla5t-JmG-glx9Kwpam0Q1lzgiQnfRctkwJ9fFFCMdf7VgTgxhr4rv2gPdDa5yrTUKCEDhhnUMluPU1cHB68nrRPurbP1QPgts_mCl__RfQ_uLlti71BN0YYubr6Xy8DAZCeo4sPsJc3e_qSjhsZ2Ycf6P1rXNgqLi8bT_jTklJquLNk2iG3GOw7EwuVqC5anBh14mnFNEBwdtppqnJgKALaHe6dkcMEMWR9HQ_o%3D&icons=EhU_f81x7V7LWDZuRjlYIGKxAG2cY6lW3FJhUW3Z80uiQOOd_ALh2BLOQjSSWsB4vy8g5MNWHHaxM_OKAEO_zKwMWSCie7L6AJEQ6eKwpwtwn5AkaISbrWlVzqDxf_SMwBqEjoT4buGDX1StwtbUwtNqtv1pAI8Ij9BoPzJ20eH7ckBwX0x4x_9Ja9aQjF_jOTtQovlfc4ClULApUKyAJelRfQ7wem1cIvfObjXkzk5Anwq5Z1z2BwKYZ1WtohofvHTz27ihFlEDZEYbKJq-2V7JyLj5bISaqg22vg4o-xD5SCpYXy3fzGkfYPTyFkkMrQMHBBSmrmZn_FRqZ0pmW69Gi43x3XW5nQX-GVXek6fJ-CPV6a_E_T8G60eGwKAgbg-VWlz1xtulLwM_L_8xZAwa6eEFJSiOZh4v7DVWeACiqwbqze-Y0L8QFkAy9gzZ5QV7VY46cT_qc5-moUh5SxIovP-N1sFXwAYLegRUelCXnwejK2gMbkYx8queWAPANhTiCQB0MudYYIHLRhALAl0Pp5K0SaUaZbDB6K72vbGiKGSX-fHErtRPphhGHsDV5sMnlM3XC8zNqal9NIAg9ANyP0XipWQRBdX-v619Ydo8uZivKb7SVQrYdcnBFQcgoSJC6fkq_1Tn6nu6Sz54F3--EfdRwy17u17ppyWH5ClI1AtAbPly4h-4bxuq5b0NRQ&ext_cid=0&px_id=31529500&min_cpm=0.06355637635485391&out_id=0&campaign_type=mq&aid=291&cid=2928&uniq=&mid=4178039338996310046&skin_id=71&vertical_id=11&skin_test=0&from_cache=0&ecpm=0.07372380614598437&cpm=0&verify_hash=e2fe64a267f168baf02ac06ffdb66dd7&is_native=1&real_bid=0.0031886250525712872&original_bid_usd=0.00375&original_bid=0.00375&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=101,4,11,93&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=2&expiration_timestamp=1714902311&image_url=https%3A%2F%2Fimg.vmmcdn.com%2Fget%2F61863514%2F551812_image.jpg&site=native-push-adult&price=0.00375&hostname=auc-inpage-hz-6-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000037499999999999997&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.12&cpa=e3b0b298-c220-44c6-8d99-2bc359ff023c&prev_step_diff=1343 HTTP/1.1
Host: 5d39fe7c75.2ac4fce9b8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 17:45:12 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| imgsdn.com/ie?v=4&c=4JIpVtHEQG3jLezKgBIep1dra6ClqyVMyr-2PAPUyQ8IvmbH1twG0qc8PKqou9OsDKEteieNLDmGljepVE1_JI3iuy69-sbnBecMCpZKo7O_g4ezVUrPYJgahLJWfKORZkEwgit8R0DZFnFysOSJaJPgejxjf_KmDViLpJgrA2j2p9KWtHGheV1ixOcfDZx7RCE2GGv5CuzqEBW0i6NWsZi3_8ZmMwQPZDNNIO0laHDF_lb7y35VKeOI_L54AHBY0gvGMO-hZdvVDgrD6YrUu31e3-FZ1QRGR4VWQ2n7aA-2_GKiuBJ5U4BUrn8R-5v02YcUi8PMoJjM1ggu6xGr_C80hCSicSKNWT41JNMi3SW8k4c86ukozW7n3FlEbb484Z2IYF2XwZTL2mBdsItjaSESJi73eoHKBRwvjDczzAaUkMSeG25XW6ElR9IT&v1=531&v2=107563&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.12&cpa=ba7edf80-76b0-439f-b4a0-9c751ff31b47&prev_step_diff=1343 | 157.90.94.146 | 301 Moved Permanently | 0 B |
URL GET HTTP/1.1imgsdn.com/ie?v=4&c=4JIpVtHEQG3jLezKgBIep1dra6ClqyVMyr-2PAPUyQ8IvmbH1twG0qc8PKqou9OsDKEteieNLDmGljepVE1_JI3iuy69-sbnBecMCpZKo7O_g4ezVUrPYJgahLJWfKORZkEwgit8R0DZFnFysOSJaJPgejxjf_KmDViLpJgrA2j2p9KWtHGheV1ixOcfDZx7RCE2GGv5CuzqEBW0i6NWsZi3_8ZmMwQPZDNNIO0laHDF_lb7y35VKeOI_L54AHBY0gvGMO-hZdvVDgrD6YrUu31e3-FZ1QRGR4VWQ2n7aA-2_GKiuBJ5U4BUrn8R-5v02YcUi8PMoJjM1ggu6xGr_C80hCSicSKNWT41JNMi3SW8k4c86ukozW7n3FlEbb484Z2IYF2XwZTL2mBdsItjaSESJi73eoHKBRwvjDczzAaUkMSeG25XW6ElR9IT&v1=531&v2=107563&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.12&cpa=ba7edf80-76b0-439f-b4a0-9c751ff31b47&prev_step_diff=1343 IP157.90.94.146:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectnimrute.com FingerprintFE:11:FD:FB:69:FC:E9:22:01:AE:4B:9D:F5:85:C9:1C:FF:4D:44:D4 ValidityMon, 12 Feb 2024 14:13:04 GMT - Sun, 12 May 2024 14:13:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ie?v=4&c=4JIpVtHEQG3jLezKgBIep1dra6ClqyVMyr-2PAPUyQ8IvmbH1twG0qc8PKqou9OsDKEteieNLDmGljepVE1_JI3iuy69-sbnBecMCpZKo7O_g4ezVUrPYJgahLJWfKORZkEwgit8R0DZFnFysOSJaJPgejxjf_KmDViLpJgrA2j2p9KWtHGheV1ixOcfDZx7RCE2GGv5CuzqEBW0i6NWsZi3_8ZmMwQPZDNNIO0laHDF_lb7y35VKeOI_L54AHBY0gvGMO-hZdvVDgrD6YrUu31e3-FZ1QRGR4VWQ2n7aA-2_GKiuBJ5U4BUrn8R-5v02YcUi8PMoJjM1ggu6xGr_C80hCSicSKNWT41JNMi3SW8k4c86ukozW7n3FlEbb484Z2IYF2XwZTL2mBdsItjaSESJi73eoHKBRwvjDczzAaUkMSeG25XW6ElR9IT&v1=531&v2=107563&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.12&cpa=ba7edf80-76b0-439f-b4a0-9c751ff31b47&prev_step_diff=1343 HTTP/1.1
Host: imgsdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Sat, 04 May 2024 17:45:12 GMT
content-length: 0
location: https://img.vmmcdn.com/get/94066336/551812_icon.png
x-app-id: 13
|
|
| img.vmmcdn.com/get/61863514/551812_image.jpg | 46.4.121.113 | 200 OK | 12 kB |
URL GET HTTP/2img.vmmcdn.com/get/61863514/551812_image.jpg IP46.4.121.113:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectimg.vmmcdn.com Fingerprint35:E7:50:83:81:F0:56:72:43:78:A5:4D:BF:00:F7:2C:AD:25:0F:C4 ValiditySat, 13 Apr 2024 08:24:46 GMT - Fri, 12 Jul 2024 08:24:45 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 720x480, components 3 Hashee921bcd225785444d8ab128ca1d0941 e92f5588c738df6912e3658d883aeb66b486560b 4da4a312766a4b2e3cb69b5d7188a4b073e757ae350687ac22b3dfa81fccf15c
GET /get/61863514/551812_image.jpg HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.14.1
date: Sat, 04 May 2024 17:45:12 GMT
content-type: image/jpeg
content-length: 12075
last-modified: Wed, 27 Mar 2024 08:33:26 GMT
cache-control: public, max-age=604800
etag: "6603d9d6-2f2b"
x-proxy-cache: HIT
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: x-requested-with
access-control-allow-headers: x-requested-with
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| img.vmmcdn.com/get/94066336/551812_icon.png | 46.4.121.113 | 200 OK | 16 kB |
URL GET HTTP/2img.vmmcdn.com/get/94066336/551812_icon.png IP46.4.121.113:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectimg.vmmcdn.com Fingerprint35:E7:50:83:81:F0:56:72:43:78:A5:4D:BF:00:F7:2C:AD:25:0F:C4 ValiditySat, 13 Apr 2024 08:24:46 GMT - Fri, 12 Jul 2024 08:24:45 GMT
File typePNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced Hash98e46036cc72688816be82af7bb79ca2 a9440b902f5df8848e7dbc751574c9d2684f231c 3cf86dd4a41eb5c8054d74ccbe0dddb4e8949623eb51ed1674c1a676d706d536
GET /get/94066336/551812_icon.png HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.1
date: Sat, 04 May 2024 17:45:12 GMT
content-type: image/png
content-length: 15536
last-modified: Wed, 27 Mar 2024 08:33:26 GMT
cache-control: public, max-age=604800
etag: "6603d9d6-3cb0"
x-proxy-cache: HIT
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: x-requested-with
access-control-allow-headers: x-requested-with
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mbdippex.com/in/show/?tag_ab=c&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D165aa1cbb7&refdom=www.amdahost.com&auction_time=1714844706&subid=1211831614&sid=1981786523&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D165aa1cbb7%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D165aa1cbb7%26idzone%3D0%26sid%3D1886&icons=HqUdldZvYfGRYhVUypEf8ycd8UWL_y7ngLMXBs4vzZY9GisGQl-GfMT8EdM8CHN9rcmN7BHBfZ2uX4ecx_p2-AC4aFMQ61YF4VRx92Fe53K7h3uj30FXt3ARJYy_JQiRfSAN-B2oNqle9XNu8yRjUb2uy8_qXmMjwa7IzfeOT9VXefuOSQ&ext_cid=0&px_id=560190&min_cpm=0.10770581248510722&out_id=0&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=4165368421541241441&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.037768329370715545&cpm=0&verify_hash=433434bb2649a6d7866cbd83146067f6&is_native=4&real_bid=0.0009639254951533079&original_bid_usd=0.0027488739999999997&original_bid=0.0027488739999999997&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027488739999999997&hostname=auc-inpage-hz-5-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027488739999999998&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.03&cpa=d34a62c3-83a3-4637-932d-c34c8228b227&prev_step_diff=854 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/2mbdippex.com/in/show/?tag_ab=c&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D165aa1cbb7&refdom=www.amdahost.com&auction_time=1714844706&subid=1211831614&sid=1981786523&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D165aa1cbb7%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D165aa1cbb7%26idzone%3D0%26sid%3D1886&icons=HqUdldZvYfGRYhVUypEf8ycd8UWL_y7ngLMXBs4vzZY9GisGQl-GfMT8EdM8CHN9rcmN7BHBfZ2uX4ecx_p2-AC4aFMQ61YF4VRx92Fe53K7h3uj30FXt3ARJYy_JQiRfSAN-B2oNqle9XNu8yRjUb2uy8_qXmMjwa7IzfeOT9VXefuOSQ&ext_cid=0&px_id=560190&min_cpm=0.10770581248510722&out_id=0&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=4165368421541241441&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.037768329370715545&cpm=0&verify_hash=433434bb2649a6d7866cbd83146067f6&is_native=4&real_bid=0.0009639254951533079&original_bid_usd=0.0027488739999999997&original_bid=0.0027488739999999997&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027488739999999997&hostname=auc-inpage-hz-5-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027488739999999998&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.03&cpa=d34a62c3-83a3-4637-932d-c34c8228b227&prev_step_diff=854 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=c&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D165aa1cbb7&refdom=www.amdahost.com&auction_time=1714844706&subid=1211831614&sid=1981786523&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D165aa1cbb7%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D165aa1cbb7%26idzone%3D0%26sid%3D1886&icons=HqUdldZvYfGRYhVUypEf8ycd8UWL_y7ngLMXBs4vzZY9GisGQl-GfMT8EdM8CHN9rcmN7BHBfZ2uX4ecx_p2-AC4aFMQ61YF4VRx92Fe53K7h3uj30FXt3ARJYy_JQiRfSAN-B2oNqle9XNu8yRjUb2uy8_qXmMjwa7IzfeOT9VXefuOSQ&ext_cid=0&px_id=560190&min_cpm=0.10770581248510722&out_id=0&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=4165368421541241441&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.037768329370715545&cpm=0&verify_hash=433434bb2649a6d7866cbd83146067f6&is_native=4&real_bid=0.0009639254951533079&original_bid_usd=0.0027488739999999997&original_bid=0.0027488739999999997&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027488739999999997&hostname=auc-inpage-hz-5-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027488739999999998&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.03&cpa=d34a62c3-83a3-4637-932d-c34c8228b227&prev_step_diff=854 HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 17:45:06 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/h/g/jsd/r/87ea4d5e09520b02 | 172.67.183.69 | 200 OK | 0 B |
URL POST HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/h/g/jsd/r/87ea4d5e09520b02 IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/challenge-platform/h/g/jsd/r/87ea4d5e09520b02 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12192
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=165aa1cbb7
Cookie: PHPSESSID=a5aeee18425e8a63b0c1800da52c21a6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 17:45:05 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
priority: u=3,i=?0
set-cookie: cf_clearance=T0iWm3Tldc0xS7wnT9UMkJF2Nty1sei1x3JMLhIA.3M-1714844705-1.0.1.1-DvnAHHYBe9ELWtwhq4vahNgrqMcXTws3TNGX0BnwPMzCE8sKXlsTkd91EovQYGCYDL4ReQinQ7S_8C2m_9a_dQ; path=/; expires=Sun, 04-May-25 17:45:05 GMT; domain=.amdahost.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EzTRMlYLhSGVhW%2FjF5lF%2BsXdtE6iNh633NcyU6yEViuaNWkgDu9WVv6sKWSgv3eF7jeCwo8vnWlvRyNwAuy84oFCHQvjCrwpmx8zhWR4ToDYmvqA3NolC0u4Af4Bz%2BV3t76y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea4d703a257127-OSL
alt-svc: h3=":443"; ma=86400
|
|
| da7b22a400.13199960a1.com/22802538876b351854c895125b33cfd1/161855?version_name=c | 45.133.44.53 | 200 OK | 3.0 kB |
URL GET HTTP/2da7b22a400.13199960a1.com/22802538876b351854c895125b33cfd1/161855?version_name=c IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectda7b22a400.13199960a1.com Fingerprint07:F4:C8:88:64:13:2A:27:21:B9:21:22:4E:39:31:C9:B4:0B:24:CD ValidityWed, 01 May 2024 02:20:21 GMT - Tue, 30 Jul 2024 02:20:20 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (3443), with no line terminators Hash539c3474e240aacb5a461d2e54d5991b 480a1ee3a1b9d9d8be4df0fd585dde70505a869e 402b709d153292680ed433ef6e7fb637ede41d83c2a8054291dd7f369811dfeb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /22802538876b351854c895125b33cfd1/161855?version_name=c HTTP/1.1
Host: da7b22a400.13199960a1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:05 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
expires: Sat, 04 May 2024 17:50:05 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| da7b22a400.13199960a1.com/b736a0aa40f2bd510763079b8249450f.js | 45.133.44.53 | 200 OK | 169 kB |
URL GET HTTP/2da7b22a400.13199960a1.com/b736a0aa40f2bd510763079b8249450f.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectda7b22a400.13199960a1.com Fingerprint07:F4:C8:88:64:13:2A:27:21:B9:21:22:4E:39:31:C9:B4:0B:24:CD ValidityWed, 01 May 2024 02:20:21 GMT - Tue, 30 Jul 2024 02:20:20 GMT
Size169 kB (168568 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /b736a0aa40f2bd510763079b8249450f.js HTTP/1.1
Host: da7b22a400.13199960a1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:05 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 25 Apr 2024 13:18:02 GMT
etag: W/"662a580a-29278"
content-encoding: gzip
expires: Sat, 04 May 2024 17:50:05 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| mbddip.com/in/dip?site=native-push&wl=1&event_id=e1db0450-3731-4a01-b151-6026d59d0734&subid=1211831614&sid=1981786523&spot_id=560190&created_at=2024-05-04&timezone=0&ver=8.159.0&is_native=1 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/2mbddip.com/in/dip?site=native-push&wl=1&event_id=e1db0450-3731-4a01-b151-6026d59d0734&subid=1211831614&sid=1981786523&spot_id=560190&created_at=2024-05-04&timezone=0&ver=8.159.0&is_native=1 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=e1db0450-3731-4a01-b151-6026d59d0734&subid=1211831614&sid=1981786523&spot_id=560190&created_at=2024-05-04&timezone=0&ver=8.159.0&is_native=1 HTTP/1.1
Host: mbddip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 17:45:06 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| mpougdusr.com/bultykh/ipp24/7/bazinga/2020090 | 212.117.190.201 | 200 OK | 158 kB |
URL GET HTTP/2mpougdusr.com/bultykh/ipp24/7/bazinga/2020090 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerBuypass AS-983163327 Subject Fingerprint96:80:FC:87:80:4A:3B:59:5A:2E:82:5A:B8:1D:9D:47:78:21:AA:66 ValidityWed, 01 May 2024 14:41:50 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typeJavaScript source, ASCII text, with very long lines (65107) Size158 kB (158045 bytes) Hashc6ea5aedb4469e81f7d41b0eec41f409 7d7edc7b87462fb56c5e3c17c86bebad542d1d6f 72ad45cf0dd548c1f9611c35289dec90c22375b45bf1aa33d6a14ac7f896865b
GET /bultykh/ipp24/7/bazinga/2020090 HTTP/1.1
Host: mpougdusr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 17:45:03 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-269a3"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Archivo+Black&display=swap | 142.250.74.106 | 200 OK | 819 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Archivo+Black&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (837), with no line terminators Hashfa0b91b21b81c25b4d2bb89c6d9d84fb 1788d71d75cf429352999edca5573800814aba3f 5385a711b1675e90eb76b002d80f1c53e71449889caf26b5ee6ec34f3df23fa7
GET /css2?family=Archivo+Black&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 17:45:03 GMT
date: Sat, 04 May 2024 17:45:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/videos/1714732812_7c7184f050dc3440.mp4 | 0.0.0.0 | | 0 B |
URL GET www.amdahost.com/videos/1714732812_7c7184f050dc3440.mp4 IP0.0.0.0:0
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /videos/1714732812_7c7184f050dc3440.mp4 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=165aa1cbb7
Cookie: PHPSESSID=a5aeee18425e8a63b0c1800da52c21a6
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 17:45:05 GMT
content-type: video/mp4
content-length: 618035186
etag: "24d677f2-6634c173-8c4e37;;;"
last-modified: Fri, 03 May 2024 10:50:27 GMT
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MVs1dV5u%2FNwAodZgTAAVJ%2FgSE92fdncoHMj2DcSddCR59ONxFkv1jrz5USCUk5JyMWCH1hIUXZPEU%2BNa0Pr5G3urb4dPALAaTUPIlbRuRf17OH08Xb7YzfVvVgRtlMAEmkoX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4d6d8ddc7127-OSL
alt-svc: h3=":443"; ma=86400
|
|
| b57dqedu4.com/t/9/fret/meow4/2020088/0d68ddef.js | 212.117.190.201 | 200 OK | 106 kB |
URL GET HTTP/2b57dqedu4.com/t/9/fret/meow4/2020088/0d68ddef.js IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerBuypass AS-983163327 Subject Fingerprint17:76:24:C2:1F:79:27:A6:BF:60:AC:48:E1:7E:44:F5:FA:36:EB:6B ValidityWed, 01 May 2024 14:25:07 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typeJavaScript source, ASCII text, with very long lines (65106) Size106 kB (106460 bytes) Hash5c1245ce45f7e0a8ff772bf695857a27 fad29ae9877616251044562b679427d9450199f7 9eee888953ac3827e3a1951d646e67fd6c34a47c7f4ff861c8b875218889513b
GET /t/9/fret/meow4/2020088/0d68ddef.js HTTP/1.1
Host: b57dqedu4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 17:45:03 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-1a022"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap | 142.250.74.106 | 200 OK | 789 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (807), with no line terminators Hash6f717af0e726a10479b7e8bed93e5142 a115121febff939512aba08376c87856e8eb7d81 3f2d568b6fb6321a2e59f992275a60a22c904f5e8d84b7c6e43b1bb702ae86db
GET /css2?family=Poppins:wght@600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 17:45:03 GMT
date: Sat, 04 May 2024 17:45:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/includes/update_visits.php | 172.67.183.69 | 200 OK | 0 B |
URL POST HTTP/3www.amdahost.com/includes/update_visits.php IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /includes/update_visits.php HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 50
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=165aa1cbb7
Cookie: PHPSESSID=a5aeee18425e8a63b0c1800da52c21a6; cf_clearance=T0iWm3Tldc0xS7wnT9UMkJF2Nty1sei1x3JMLhIA.3M-1714844705-1.0.1.1-DvnAHHYBe9ELWtwhq4vahNgrqMcXTws3TNGX0BnwPMzCE8sKXlsTkd91EovQYGCYDL4ReQinQ7S_8C2m_9a_dQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 17:45:20 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4JGY664HtssJGI9gQea0%2F423DpFQkTYf8ZXDcaNPIW8jhG2qozqiwjM2YkvaGolfPEaZ%2Fr%2BWaMvIdnj%2FasdRwpzpjtdJTs%2BQI%2FAbNtRmhCpkfdZpnk7%2FihdL47j2D0%2Bw4lyP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea4dcf5f087127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| js.mbidpp.com/popunder-admanager/build.m.js | 45.133.44.53 | 200 OK | 97 kB |
URL GET HTTP/2js.mbidpp.com/popunder-admanager/build.m.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectjs.mbidpp.com Fingerprint5B:B3:95:84:D0:2B:0C:9A:68:98:53:B0:A4:A5:68:88:B2:A5:5F:82 ValidityThu, 18 Apr 2024 03:01:11 GMT - Wed, 17 Jul 2024 03:01:10 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder-admanager/build.m.js HTTP/1.1
Host: js.mbidpp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:06 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 14:24:01 GMT
etag: W/"661e8a01-17ae8"
content-encoding: gzip
expires: Sat, 04 May 2024 17:50:06 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Comic+Neue&display=swap | 142.250.74.106 | 200 OK | 420 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Comic+Neue&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (429), with no line terminators Hash75f97bdeb174d8b64c2078ceff6726a3 beb63d63eb0398c4e6f15b6f2ad83c9fd7ef272d 0dd00245b771e2aada55e76fe50ee64c186e9413f70b1fc54da284a2cab024c6
GET /css2?family=Comic+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 17:45:03 GMT
date: Sat, 04 May 2024 17:45:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| js.mbidinp.com/skins/nmain.m.js | 45.133.44.52 | 200 OK | 470 kB |
URL GET HTTP/2js.mbidinp.com/skins/nmain.m.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectjs.mbidinp.com FingerprintB8:EA:0B:88:14:F5:73:F1:FE:F1:D5:59:09:E6:70:08:F2:1C:4A:5C ValidityMon, 22 Apr 2024 03:00:30 GMT - Sun, 21 Jul 2024 03:00:29 GMT
Size470 kB (470121 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /skins/nmain.m.js HTTP/1.1
Host: js.mbidinp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:06 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 12:49:54 GMT
etag: W/"661e73f2-72c69"
content-encoding: gzip
expires: Sat, 04 May 2024 17:50:06 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Bungee+Spice&display=swap | 142.250.74.106 | 200 OK | 1.3 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Bungee+Spice&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (1310), with no line terminators Hash6ed7e36a675f79912a60041296e6712c 90726391e4efdc836774a463094dbce3f980c761 59214048cf850c5c635c4bd6669db6222a200dd806e8ec2b2e8f504fa0b9393d
GET /css2?family=Bungee+Spice&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 17:45:03 GMT
date: Sat, 04 May 2024 17:45:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 5d39fe7c75.2ac4fce9b8.com/in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D165aa1cbb7&refdom=www.amdahost.com&auction_time=1714844711&subid=1511354673&sid=3842308737&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=14185762356588688897&score=58.204278956034564&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D165aa1cbb7%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D165aa1cbb7%26idzone%3D0%26sid%3D1886&icons=lkwy2gXNGfmVvwcWpvfhRXYb7oqr5zaiLYxr0ifDZDkwRIAluJCRk4G8oXMIZxmSQZ7YG4-vNas3WOlWaaHyntaQqSOw--iwiEO_Pg-qoJWufZIyBz-ABXeW5ftj546c12vd0wvbveKg78cwe8bnzNhbdVmlsOQ9sRxeYKn7sm3eOEs4gA&ext_cid=0&px_id=529500&min_cpm=0.012164235773077263&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=4178039338996310046&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.0035080168538968726&cpm=0&verify_hash=4d52f7bd8034db586ba0313f0dc18037&is_native=4&real_bid=0.0007927416486436153&original_bid_usd=0.0027488739999999997&original_bid=0.0027488739999999997&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=0,114,20,27,108&need_redirect_show=0&applied_features=stage-skins-settings,test_skins&show_count=2&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027488739999999997&hostname=auc-inpage-hz-6-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027488739999999998&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.12&cpa=ccfa6ff2-5c02-41be-b3b5-4ffabedbba8c&prev_step_diff=1344 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/25d39fe7c75.2ac4fce9b8.com/in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D165aa1cbb7&refdom=www.amdahost.com&auction_time=1714844711&subid=1511354673&sid=3842308737&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=14185762356588688897&score=58.204278956034564&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D165aa1cbb7%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D165aa1cbb7%26idzone%3D0%26sid%3D1886&icons=lkwy2gXNGfmVvwcWpvfhRXYb7oqr5zaiLYxr0ifDZDkwRIAluJCRk4G8oXMIZxmSQZ7YG4-vNas3WOlWaaHyntaQqSOw--iwiEO_Pg-qoJWufZIyBz-ABXeW5ftj546c12vd0wvbveKg78cwe8bnzNhbdVmlsOQ9sRxeYKn7sm3eOEs4gA&ext_cid=0&px_id=529500&min_cpm=0.012164235773077263&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=4178039338996310046&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.0035080168538968726&cpm=0&verify_hash=4d52f7bd8034db586ba0313f0dc18037&is_native=4&real_bid=0.0007927416486436153&original_bid_usd=0.0027488739999999997&original_bid=0.0027488739999999997&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=0,114,20,27,108&need_redirect_show=0&applied_features=stage-skins-settings,test_skins&show_count=2&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027488739999999997&hostname=auc-inpage-hz-6-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027488739999999998&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.12&cpa=ccfa6ff2-5c02-41be-b3b5-4ffabedbba8c&prev_step_diff=1344 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subject2ac4fce9b8.com Fingerprint98:AB:7F:A9:60:1A:91:AC:3C:20:E1:6B:57:8E:E0:AA:25:8F:4F:E1 ValidityTue, 30 Apr 2024 14:01:58 GMT - Mon, 29 Jul 2024 14:01:57 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=c&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D165aa1cbb7&refdom=www.amdahost.com&auction_time=1714844711&subid=1511354673&sid=3842308737&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=adult&user_fp=14185762356588688897&score=58.204278956034564&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D165aa1cbb7%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D165aa1cbb7%26idzone%3D0%26sid%3D1886&icons=lkwy2gXNGfmVvwcWpvfhRXYb7oqr5zaiLYxr0ifDZDkwRIAluJCRk4G8oXMIZxmSQZ7YG4-vNas3WOlWaaHyntaQqSOw--iwiEO_Pg-qoJWufZIyBz-ABXeW5ftj546c12vd0wvbveKg78cwe8bnzNhbdVmlsOQ9sRxeYKn7sm3eOEs4gA&ext_cid=0&px_id=529500&min_cpm=0.012164235773077263&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=4178039338996310046&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.0035080168538968726&cpm=0&verify_hash=4d52f7bd8034db586ba0313f0dc18037&is_native=4&real_bid=0.0007927416486436153&original_bid_usd=0.0027488739999999997&original_bid=0.0027488739999999997&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=0,114,20,27,108&need_redirect_show=0&applied_features=stage-skins-settings,test_skins&show_count=2&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027488739999999997&hostname=auc-inpage-hz-6-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027488739999999998&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.12&cpa=ccfa6ff2-5c02-41be-b3b5-4ffabedbba8c&prev_step_diff=1344 HTTP/1.1
Host: 5d39fe7c75.2ac4fce9b8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 17:45:12 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| cdn.tailwindcss.com/ | 104.22.21.144 | 302 Found | 366 kB |
IP104.22.21.144:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerCloudflare, Inc. Subjecttailwindcss.com Fingerprint5F:87:FB:92:D4:93:DA:09:E3:5B:EF:92:CE:2F:47:18:3A:8A:C7:49 ValidityTue, 07 Nov 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT
Size366 kB (365681 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 04 May 2024 17:45:03 GMT
cache-control: max-age=14400
location: /3.4.3
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::nvnjl-1714843910320-d9cdd5d57d7d
cf-cache-status: HIT
age: 422
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4d637c647128-OSL
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js | 172.67.183.69 | 302 Found | 7.9 kB |
URL GET HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=a5aeee18425e8a63b0c1800da52c21a6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Sat, 04 May 2024 17:45:05 GMT
content-length: 0
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
cache-control: max-age=300, public
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2FV%2FzrOFb%2BxJiSYSBxU53nQRTxqSjjPAACtLPfuRKvit5Y36Sw8sDHHaky6C4FFg6GtD37gP1dWQqcgSmhFXfpujaq3L%2FEVqKGcQ7jr5Hb4Ysghk%2B9Cd0GqFA5UCV9ZyZ5h3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4d6e4ef07127-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js | 172.67.183.69 | 200 OK | 7.9 kB |
URL GET HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeJavaScript source, ASCII text, with very long lines (7880), with no line terminators Hash8c3120eef28fc612c56c49f746dc2c9b 6d199c0a37301ed61d0d630886a385fd6151ac01 b9314cb719efdfe64ce6d60ad98aa9d49732187fc038861d3a72c24a33c7e772
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=a5aeee18425e8a63b0c1800da52c21a6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 17:45:05 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
x-content-type-options: nosniff
content-encoding: br
cache-control: max-age=14400, public
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yxGd7CMUiI%2B%2BBfxZJ2gPDbGtncd1eGj60k6QJ8q3mKQ5ijQ5xVt3gwzuxzKfuPIer4gvZ2kCAVWiRiRkzZ7Anwtwgy1FTEL9h0awEDCan5gqEpkVIyFiqn6EoRswHoxyUoB%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea4d6f284f7127-OSL
alt-svc: h3=":443"; ma=86400
|
|
| metricswpsh.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI2NzA4NTkzOTE1MDM5NDU3MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjAiLCJ0YWdfaWQiOjE3OTk3Nywic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjU3LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 | 94.130.197.140 | 200 OK | 0 B |
URL GET HTTP/2metricswpsh.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI2NzA4NTkzOTE1MDM5NDU3MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjAiLCJ0YWdfaWQiOjE3OTk3Nywic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjU3LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 IP94.130.197.140:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI2NzA4NTkzOTE1MDM5NDU3MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjAiLCJ0YWdfaWQiOjE3OTk3Nywic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjU3LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 HTTP/1.1
Host: metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 04 May 2024 17:45:05 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQz7eY25_yHJ4hXYik5lZc6STh7llpGMmK7ROqgvFu9cQjjxqSMZdPdy_ZOokg884a5I5mi2sw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-16573019%3A1714844706903509&theme=mn&ddm=0 | 74.125.131.84 | 403 Forbidden | 0 B |
URL GET HTTP/3accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQz7eY25_yHJ4hXYik5lZc6STh7llpGMmK7ROqgvFu9cQjjxqSMZdPdy_ZOokg884a5I5mi2sw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-16573019%3A1714844706903509&theme=mn&ddm=0 IP74.125.131.84:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQz7eY25_yHJ4hXYik5lZc6STh7llpGMmK7ROqgvFu9cQjjxqSMZdPdy_ZOokg884a5I5mi2sw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-16573019%3A1714844706903509&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 17:45:07 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-HWABegnPk4okFvwed2JtLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| da7b22a400.13199960a1.com/0ae085698cad0960a86703ca969164ab.js | 45.133.44.53 | 200 OK | 109 kB |
URL GET HTTP/2da7b22a400.13199960a1.com/0ae085698cad0960a86703ca969164ab.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectda7b22a400.13199960a1.com Fingerprint07:F4:C8:88:64:13:2A:27:21:B9:21:22:4E:39:31:C9:B4:0B:24:CD ValidityWed, 01 May 2024 02:20:21 GMT - Tue, 30 Jul 2024 02:20:20 GMT
Size109 kB (109340 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /0ae085698cad0960a86703ca969164ab.js HTTP/1.1
Host: da7b22a400.13199960a1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:05 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 23 Apr 2024 09:45:19 GMT
etag: W/"6627832f-1ab1c"
content-encoding: gzip
expires: Sat, 04 May 2024 17:50:05 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| cdn.fluidplayer.com/v3/current/fluidplayer.min.js | 185.76.9.15 | 200 OK | 233 kB |
URL GET HTTP/2cdn.fluidplayer.com/v3/current/fluidplayer.min.js IP185.76.9.15:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectfluidplayer.com FingerprintCD:21:BA:85:8A:CA:A4:37:0F:0A:BD:F7:50:25:DA:75:9E:D3:FB:76 ValidityMon, 26 Feb 2024 13:51:53 GMT - Sun, 26 May 2024 13:51:52 GMT
File typeJavaScript source, ASCII text, with very long lines (65463) Size233 kB (232616 bytes) Hash9829e8e730a9125e695789512d85177a e20a0d55ab1722ef3ad13741a2b8975413d43909 7c38ede4727de973827091514a83d24a039bda1d0d4cac219eb20571a2cc3698
GET /v3/current/fluidplayer.min.js HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:03 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:13 GMT
etag: W/"65fc34c1-38ca8"
expires: Fri, 22 Mar 2024 21:42:05 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3xxkBAAwBuUwKDAH3AAAAAAwBJRPCMQH3AAAAAA
x-77-nzt-ray: c0a4cc28c9379bd01f74366613770811
x-accel-expires: @1714858968
x-accel-date: 1714772568
x-77-cache: HIT
x-77-age: 72135
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 72135
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| js.mbidadm.com/static/scripts.m.js | 45.133.44.53 | 200 OK | 109 kB |
URL GET HTTP/2js.mbidadm.com/static/scripts.m.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectjs.mbidadm.com FingerprintCA:45:B3:CA:F7:B8:6E:BC:AD:15:14:54:8B:69:08:1F:93:CC:C1:80 ValidityThu, 18 Apr 2024 03:01:13 GMT - Wed, 17 Jul 2024 03:01:12 GMT
Size109 kB (109375 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/scripts.m.js HTTP/1.1
Host: js.mbidadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:04 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 23 Apr 2024 09:45:19 GMT
etag: W/"6627832f-1ab3f"
content-encoding: gzip
expires: Sat, 04 May 2024 17:50:04 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| bid.mbidtg.com/tags/179977?version_name=c | 45.133.44.25 | 200 OK | 2.8 kB |
URL GET HTTP/2bid.mbidtg.com/tags/179977?version_name=c IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectbid.mbidtg.com Fingerprint62:EA:1B:EE:02:E5:88:CC:26:72:9B:BA:BF:B3:B6:2B:67:14:74:67 ValidityWed, 01 May 2024 03:00:45 GMT - Tue, 30 Jul 2024 03:00:44 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (3188), with no line terminators Hashe46f947075e1eaff4765d646793d013d 7173f9a61abbfc9c8800bb98a31f9a39ae377cfe 3cf6c174f21fc37a4aa615d0620938cd6dd5f1983239b4137f6a7ea87093d513
GET /tags/179977?version_name=c HTTP/1.1
Host: bid.mbidtg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:05 GMT
content-type: application/json
server: nginx/1.24.0
cache-control: max-age=300, public
x-proxy-cache: EXPIRED
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| js.mbidpsh.com/npc/sdk/push.m.js?v=1 | 45.133.44.52 | 200 OK | 34 kB |
URL GET HTTP/2js.mbidpsh.com/npc/sdk/push.m.js?v=1 IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerLet's Encrypt Subjectjs.mbidpsh.com FingerprintFB:CB:96:60:36:41:56:0B:E6:D1:90:FE:AB:B3:59:6E:D0:21:67:78 ValidityThu, 18 Apr 2024 03:01:07 GMT - Wed, 17 Jul 2024 03:01:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.mbidpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:05 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Sat, 27 Apr 2024 11:13:42 GMT
etag: W/"662cdde6-845a"
content-encoding: gzip
expires: Sat, 04 May 2024 17:50:05 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| b57dqedu4.com/solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3771558759782912&eclog=0&im=1 | 212.117.190.201 | 200 OK | 43 B |
URL POST HTTP/2b57dqedu4.com/solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3771558759782912&eclog=0&im=1 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerBuypass AS-983163327 Subject Fingerprint17:76:24:C2:1F:79:27:A6:BF:60:AC:48:E1:7E:44:F5:FA:36:EB:6B ValidityWed, 01 May 2024 14:25:07 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3771558759782912&eclog=0&im=1 HTTP/1.1
Host: b57dqedu4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 17:45:04 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: CHCK=1; Path=/; Expires=Sat, 07 Jun 2025 17:45:04 GMT; Secure; SameSite=None
UID=2405041245b10ced0768604007b5c2cbb359; Path=/; Expires=Sat, 07 Jun 2025 17:45:04 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| storage.multstorage.com/log/count.html | 172.67.174.51 | 200 OK | 882 B |
URL GET HTTP/2storage.multstorage.com/log/count.html IP172.67.174.51:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGoogle Trust Services LLC Subjectmultstorage.com Fingerprint63:F0:24:29:21:22:E5:42:33:61:B5:20:05:1B:EF:36:81:F5:7B:0A ValiditySun, 17 Mar 2024 08:38:54 GMT - Sat, 15 Jun 2024 08:38:53 GMT
File typeHTML document, ASCII text, with very long lines (919), with no line terminators Hash053b1fe641da8057571d40ebaf1624ab 09b2648b7d08c84621298f0b939cea5170a65022 6606334874a3edb8295831f41d3684433e4553ffe0a72e58c90926e00f39c6a4
GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:45:05 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: 6f8917d25efc8bd1954c0bf56bd797ab
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xL%2FpRMSgLjfKLFRS5HgQng%2BIU70s5dz2wOxk8JcHPZlhtu5FDQ6imlX3m6LhKi%2BCLpxeo3vpLeEdmvbVcDLvmnqwYDSWAcC4cwtK2NbKNhQ6%2B57KBLH2u3DiYDMR%2ByYbBHairG4tLjJxwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea4d7339f656bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/css/root.css | 172.67.183.69 | 200 OK | 3.2 kB |
URL GET HTTP/3www.amdahost.com/css/root.css IP172.67.183.69:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeASCII text, with very long lines (3175), with no line terminators Hashb29e82a0b6fab49b186f1878409b49cf 632d7a94b851c7c879e29825bee06920d7b5cb99 5b7746d8aa2c0a8a908f6a5df646167afb319fc1d2a6ec08d275e195a275afdf
GET /css/root.css HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=165aa1cbb7
Cookie: PHPSESSID=a5aeee18425e8a63b0c1800da52c21a6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 17:45:03 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=6128
last-modified: Tue, 27 Feb 2024 08:09:48 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2074
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zszxpmPphTj7DS4ECSlSfeRbA7zMYsi0yCOmY8v4xOqiSCDZLW6Wh6cPTMpNhpLKXe1ifC%2BU0dc%2FSM0r%2FwJaB3w973oDq98C2AZcnr93Y%2FpKmzzbDPjnuMmGA6yvvn2NLAvR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea4d62ec337127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Lobster&display=swap | 142.250.74.106 | 200 OK | 1.8 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Lobster&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=165aa1cbb7 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (1825), with no line terminators Hash785af4cad14c8087afd0b4ca069742ba b81dc83d9ec505a925e3da6bac340491a13460af dc804cd560b63c44aea3659ce684d8b21a4ccbe7180f953716be1e3e1c4f5274
GET /css2?family=Lobster&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 17:45:03 GMT
date: Sat, 04 May 2024 17:45:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|