| www.amdahost.com/thumbnails/1714458565_c89335f3a25c847a.jpg | 104.21.40.89 | 200 OK | 42 kB |
URL: GET HTTP/3 www.amdahost.com/thumbnails/1714458565_c89335f3a25c847a.jpg
IP: 104.21.40.89:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e
Certificate Issuer: Google Trust Services LLC
Certificate Subject: amdahost.com
Certificate Fingerprint: 29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF
Certificate Validity: Thu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 50", baseline, precision 8, 960x540, components 3
Hash: 7eb1b0407a6737c49984e580765afcca fa444a3ea239be9db7f19da85353e26f0d963172 fa5755eb6646d9099a6259dc72c5e2f53a2da2aea6531608a7034a6343e2399f
GET /thumbnails/1714458565_c89335f3a25c847a.jpg HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=187592aa4e
Cookie: PHPSESSID=0e193904266e2ce3bfed5550f61233e8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 02:18:37 GMT
content-type: image/jpeg
content-length: 42419
cache-control: public, max-age=604800
expires: Tue, 14 May 2024 20:39:30 GMT
etag: "a5b3-66308fc5-8c1a7d;;;"
last-modified: Tue, 30 Apr 2024 06:29:25 GMT
cf-cache-status: HIT
age: 20347
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2F9xxmfeN8rnxWQYANUXd68qar21uX7bJbYA15t1VcfsXor%2FCOEaYHdY21g2E4L%2BtkRNz0%2BT1ZeY0iYO9Wuab8AGQgbnXB9CvicHIi%2Bi4J78qd7jCMPR4USJKu3kOwcIcsxu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805f5ceaac35688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.jsdelivr.net/npm/remixicon@4.0.0/fonts/remixicon.css | 151.101.1.229 | 200 OK | 17 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/remixicon@4.0.0/fonts/remixicon.css
IP: 151.101.1.229:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: jsdelivr.net
Certificate Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Certificate Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hash: 373c68d52e3daa5cd7e1ae058fb6bd70 30a01afb8338555278162655e4a8e7ac57774f35 f53b0f6c14c09b5c263713876dfe7185531a3a424a91d192dfee3c5fa03493dd
GET /npm/remixicon@4.0.0/fonts/remixicon.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.0.0
x-jsd-version-type: version
etag: W/"200b1-MKAa+4M4VVJ4FiZV5KjnrFd3TzU"
content-encoding: br
accept-ranges: bytes
date: Wed, 08 May 2024 02:18:37 GMT
age: 5267006
x-served-by: cache-fra-etou8220109-FRA, cache-hel1410027-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16743
X-Firefox-Spdy: h2
|
|
| 32879.2481april2024.com/4/js/233169 | 88.208.22.2 | 200 OK | 6.6 kB |
URL: GET HTTP/2 32879.2481april2024.com/4/js/233169
IP: 88.208.22.2:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e
Certificate Issuer: Let's Encrypt
Certificate Subject: *.2481april2024.com
Certificate Fingerprint: FC:0B:87:DF:4F:43:9B:81:FD:04:D2:4C:5C:79:77:1B:C6:BB:F4:49
Certificate Validity: Tue, 02 Apr 2024 14:41:38 GMT - Mon, 01 Jul 2024 14:41:37 GMT
File type: JavaScript source, ASCII text, with very long lines (16647), with no line terminators
Hash: 8f5d57630a7e0eda977bbec1efd85605 113d4bce4d55ba1baf528b6e20fec32affade0a5 924898dca5f0eed0bf622cb2a22cfd8065b25467dd061c2276bcf17b28c64976
GET /4/js/233169 HTTP/1.1
Host: 32879.2481april2024.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:18:37 GMT
content-type: application/javascript; charset=UTF-8
content-length: 6575
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
X-Firefox-Spdy: h2
|
|
| vjs.zencdn.net/8.10.0/video-js.css | 151.101.66.217 | 200 OK | 13 kB |
URL: GET HTTP/2 vjs.zencdn.net/8.10.0/video-js.css
IP: 151.101.66.217:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: vjs.zencdn.net
Certificate Fingerprint: 6B:3F:11:07:D7:05:FD:AF:4D:46:B4:BA:1C:8A:60:70:95:37:35:17
Certificate Validity: Wed, 06 Mar 2024 21:50:11 GMT - Mon, 07 Apr 2025 21:50:10 GMT
File type: ASCII text, with very long lines (7288)
Hash: 27818e70d5704691d9264fe0083c5b08 b4dffd90528e8f63d54ad3a859b749344e6e00ad 92e11fbc7753b5be23fd489ba4e09c0d62d0b8c64e466845b4534934c46c85d6
GET /8.10.0/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 17 Jan 2024 12:53:07 GMT
etag: "27818e70d5704691d9264fe0083c5b08"
x-amz-server-side-encryption: AES256
content-type: text/css
content-encoding: gzip
date: Wed, 08 May 2024 02:18:37 GMT
x-served-by: cache-hel1410027-HEL
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 12695
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js | 142.250.74.106 | 200 OK | 30 kB |
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js
IP: 142.250.74.106:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e
Certificate Issuer: Google Trust Services LLC
Certificate Subject: upload.video.google.com
Certificate Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
Certificate Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30462
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:53:27 GMT
expires: Fri, 02 May 2025 01:53:27 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 12 Sep 2023 02:38:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 519910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| b57dqedu4.com/solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7430752463415808&eclog=0&im=1 | 212.117.190.201 | 200 OK | 43 B |
URL: POST HTTP/2 b57dqedu4.com/solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7430752463415808&eclog=0&im=1
IP: 212.117.190.201:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e
Certificate Issuer: Buypass AS-983163327
Certificate Subject:
Certificate Fingerprint: 17:76:24:C2:1F:79:27:A6:BF:60:AC:48:E1:7E:44:F5:FA:36:EB:6B
Certificate Validity: Wed, 01 May 2024 14:25:07 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: 28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7430752463415808&eclog=0&im=1 HTTP/1.1
Host: b57dqedu4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:18:38 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: CHCK=1; Path=/; Expires=Wed, 11 Jun 2025 02:18:38 GMT; Secure; SameSite=None
set-cookie: UID=2405072118ee4fe3fd324e48bcb383910a66; Path=/; Expires=Wed, 11 Jun 2025 02:18:38 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg | 185.76.9.25 | 200 OK | 4.5 kB |
URL: GET HTTP/2 cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg
IP: 185.76.9.25:443
ASN: #60068 Datacamp Limited
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e
Certificate Issuer: Let's Encrypt
Certificate Subject: fluidplayer.com
Certificate Fingerprint: 46:64:4F:F1:3B:B5:54:D2:21:6F:9B:66:05:DF:D9:AC:7D:3C:8E:D0
Certificate Validity: Mon, 06 May 2024 08:37:10 GMT - Sun, 04 Aug 2024 08:37:09 GMT
File type: SVG Scalable Vector Graphics image
Hash: 805524b1fa0e091076d7afbf68e31133 ab696de0e85a7ce728cbe9b4131f5f4d528fb788 ad0276c58ec6a9875a2e1d39d972950763aac2e8f6262638d5868402ae2466fd
GET /v3/current/6aef4fee473c54e96ff8.svg HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:38 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:12 GMT
etag: W/"65fc34c0-4880"
expires: Fri, 22 Mar 2024 21:45:09 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH36j8AAAwBuUwKDAH3AAAAAAwBisclxAGzgVEBAA
x-77-nzt-ray: af5856306b13813afee03a669543c61c
x-accel-expires: @1715204756
x-accel-date: 1715118356
x-77-cache: HIT
x-77-age: 16362
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 16362
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| mpougdusr.com/get/2020090?zoneid=2020090&jp=_clhmgypd3565qtz350c26e&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7993702416835584&eclog=0&im=1&freq=0&uf=0 | 212.117.190.201 | 200 OK | 8.3 kB |
URL: GET HTTP/2 mpougdusr.com/get/2020090?zoneid=2020090&jp=_clhmgypd3565qtz350c26e&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7993702416835584&eclog=0&im=1&freq=0&uf=0
IP: 212.117.190.201:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e
Certificate Issuer: Buypass AS-983163327
Certificate Subject:
Certificate Fingerprint: 96:80:FC:87:80:4A:3B:59:5A:2E:82:5A:B8:1D:9D:47:78:21:AA:66
Certificate Validity: Wed, 01 May 2024 14:41:50 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File type: gzip compressed data, from Unix
Hash: 63077fd89ecfc522ce6bb4c205856d65 2eeeb252af53bd979dc5988441f1d9d4c534c248 39e06bd28db7faacd800aa353a12affbd6ab9bca5c6ad7f4ddfb00b528e19e3a
GET /get/2020090?zoneid=2020090&jp=_clhmgypd3565qtz350c26e&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7993702416835584&eclog=0&im=1&freq=0&uf=0 HTTP/1.1
Host: mpougdusr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:18:38 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Wed, 11 Jun 2025 02:18:38 GMT; Secure; SameSite=None
set-cookie: UID=2405072118024d8995beb64c7b875910aafd; Path=/; Expires=Wed, 11 Jun 2025 02:18:38 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/videos/1714458540_8b0a3a9532be4a0e.mp4 | 104.21.40.89 | 206 Partial Content | 420 kB |
URL: GET HTTP/3 www.amdahost.com/videos/1714458540_8b0a3a9532be4a0e.mp4
IP: 104.21.40.89:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e
Certificate Issuer: Google Trust Services LLC
Certificate Subject: amdahost.com
Certificate Fingerprint: 29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF
Certificate Validity: Thu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Size: 420 kB (420355 bytes)
Hash: ba2afb117d886dfb1a07133892cbac26 049134a3fbd9d8874aa941e1bc68842af9aa7440 164fcb13104cd3e81637dc5283c36fb0d835b6be55ac10da376bb3f08fe29b46
GET /videos/1714458540_8b0a3a9532be4a0e.mp4 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=21889024-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=187592aa4e
Cookie: PHPSESSID=0e193904266e2ce3bfed5550f61233e8
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Wed, 08 May 2024 02:18:38 GMT
content-type: video/mp4
content-length: 420355
etag: "1546a03-66308fc4-8c19d7;;;"
last-modified: Tue, 30 Apr 2024 06:29:24 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
content-range: bytes 21889024-22309378/22309379
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SP1Y8oY%2FwZjU2ebLZsQJ4ZHjUp96tQYsx1xwVxlZPE4LSMtNEsytZYXX3VrPO1zxPm7JC1ON1NZcxzQ5xZ4bSEOq9p%2BMMIPGMy0x3oy37wh4jF5YKrYghxp2UK8zzThfgXLR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805f5d98ff95688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| pyknrhm5c.com/q/tdl/95/dnt/2025683/kep.js | 212.117.190.201 | 200 OK | 36 kB |
URL: GET HTTP/2 pyknrhm5c.com/q/tdl/95/dnt/2025683/kep.js
IP: 212.117.190.201:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e
Certificate Issuer: Buypass AS-983163327
Certificate Subject:
Certificate Fingerprint: 8C:0B:00:37:E9:46:0D:D7:64:26:AF:BD:4B:AC:9D:E3:CA:27:CD:87
Certificate Validity: Fri, 03 May 2024 21:32:33 GMT - Tue, 29 Oct 2024 22:59:00 GMT
File type: gzip compressed data, max speed, from Unix
Hash: f470ef67fa1b760199c8ce7523f3252a 835303b1401180dff6cb24a6917624936a27fa67 5ab339d0047e61596537698c3c6982993759e74bb1f33b7e27a7fae788fe8392
GET /q/tdl/95/dnt/2025683/kep.js HTTP/1.1
Host: pyknrhm5c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:18:37 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-164ab"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.fluidplayer.com/v3/current/fluidplayer.min.js | 185.76.9.25 | 200 OK | 195 kB |
URL: GET HTTP/2 cdn.fluidplayer.com/v3/current/fluidplayer.min.js
IP: 185.76.9.25:443
ASN: #60068 Datacamp Limited
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e
Certificate Issuer: Let's Encrypt
Certificate Subject: fluidplayer.com
Certificate Fingerprint: 46:64:4F:F1:3B:B5:54:D2:21:6F:9B:66:05:DF:D9:AC:7D:3C:8E:D0
Certificate Validity: Mon, 06 May 2024 08:37:10 GMT - Sun, 04 Aug 2024 08:37:09 GMT
File type: gzip compressed data, from Unix
Size: 195 kB (195428 bytes)
Hash: 0bb81cda1dc6568ec484ebc715dd6efc 0cee335c076d8fddccbf9731dda068403a0c9e61 77a8511f933c78ef6132135c65851aea8fc06d4e6e70fa6a17bee0be24c06d31
GET /v3/current/fluidplayer.min.js HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:37 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:13 GMT
etag: W/"65fc34c1-38ca8"
expires: Fri, 22 Mar 2024 21:42:05 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3oUAAAAwBuUwKDAH3AAAAAAwBJRPCMQH3AAAAAA
x-77-nzt-ray: af5856306b13813afde03a663c8cc217
x-accel-expires: @1715204572
x-accel-date: 1715118172
x-77-cache: HIT
x-77-age: 16545
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 16545
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| 1202bb3601.29972123f3.com/2721bcba9600cbbb8e7c3e12932bf7a2.js | 45.133.44.53 | 200 OK | 79 kB |
URL: GET HTTP/2 1202bb3601.29972123f3.com/2721bcba9600cbbb8e7c3e12932bf7a2.js
IP: 45.133.44.53:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e
Certificate Issuer: Let's Encrypt
Certificate Subject: 1202bb3601.29972123f3.com
Certificate Fingerprint: 75:6B:15:49:55:01:42:44:F7:47:B8:56:B1:92:DE:3D:8F:41:D0:21
Certificate Validity: Sun, 05 May 2024 02:20:34 GMT - Sat, 03 Aug 2024 02:20:33 GMT
File type: gzip compressed data, from Unix
Hash: f2615689fabacd61ae3168ba344711c6 dca440aac1a878bf5cde1e7e5238fa9f6aac1bb4 b7d10beeeb1163323dae8d3650f745b8479190b2d0d339e6bd41c44c04b4ecda
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /2721bcba9600cbbb8e7c3e12932bf7a2.js HTTP/1.1
Host: 1202bb3601.29972123f3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:38 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 07 May 2024 12:02:58 GMT
etag: W/"663a1872-1ab3e"
content-encoding: gzip
expires: Wed, 08 May 2024 02:23:38 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/videos/1714458540_8b0a3a9532be4a0e.mp4 | 104.21.40.89 | 206 Partial Content | 2.6 MB |
URL: GET HTTP/3 www.amdahost.com/videos/1714458540_8b0a3a9532be4a0e.mp4
IP: 104.21.40.89:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e
Certificate Issuer: Google Trust Services LLC
Certificate Subject: amdahost.com
Certificate Fingerprint: 29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF
Certificate Validity: Thu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File type: ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size: 2.6 MB (2572182 bytes)
Hash: 856262c0329ebfa81e943b2da3576cfa 598f79b673966bd6a33b5979bbabab7d6b516a11 d38dd9e833cdcc72b20b94757f8726afb31b012d651f0388d96c485d995ef940
GET /videos/1714458540_8b0a3a9532be4a0e.mp4 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=187592aa4e
Cookie: PHPSESSID=0e193904266e2ce3bfed5550f61233e8
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Wed, 08 May 2024 02:18:38 GMT
content-type: video/mp4
content-length: 22309379
etag: "1546a03-66308fc4-8c19d7;;;"
last-modified: Tue, 30 Apr 2024 06:29:24 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
content-range: bytes 0-22309378/22309379
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rezMX1CE7b36FDb%2Bca%2FFEjmh3gaukM0QtPoWsIyePWbZIoW%2FmY%2FnpMVr2J%2BAIjuKTjCjsiucLriW7%2F4FPQWxKJJKzbGWuVn9BVtrvG2o6jRzYHZjg%2Bg9ci8heMiCnC7PR6D0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805f5d73f0d5688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/media/apple-touch-icon.png | 104.21.40.89 | 200 OK | 40 kB |
URL: GET HTTP/3 www.amdahost.com/media/apple-touch-icon.png
IP: 104.21.40.89:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e
Certificate Issuer: Google Trust Services LLC
Certificate Subject: amdahost.com
Certificate Fingerprint: 29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF
Certificate Validity: Thu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File type: PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Hash: 3a0b8d799ca52ea360286be206ff8fb3 2dc98f04f62990a7ab58494b8cc4c9d34f88d82b a18a7554000483027f4297e642dd6ffa175ee4028844be6e7888cd31c165972d
GET /media/apple-touch-icon.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=187592aa4e
Cookie: PHPSESSID=0e193904266e2ce3bfed5550f61233e8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 02:18:39 GMT
content-type: image/png
content-length: 40332
last-modified: Sun, 17 Mar 2024 20:29:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2722
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sgQgoNVGz2DKSrolqFkcW5zMgdqLCKqn0VPqlRWsXn3SWm6W5Un3qqtaIOF80RhQSLaJ3DQJFtJidI03iD02CvLky9c0m6kmzUkGWxej4hCvTzRKGAppYRbJM%2BbnaC2tSrQO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805f5dbf8d05688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/watch.php?id=187592aa4e | 104.21.40.89 | 200 OK | 123 kB |
URL: User Request GET HTTP/2 www.amdahost.com/watch.php?id=187592aa4e
IP: 104.21.40.89:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: amdahost.com
Certificate Fingerprint: 29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF
Certificate Validity: Thu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File type: HTML document, ASCII text, with very long lines (6442), with CRLF, LF line terminators
Size: 123 kB (123285 bytes)
Hash: c230c6982bf9abbafeaddd2402448685 7531b5fbf1c07595761a7d4593f7abbdc78ff40b 2e3df457cbe4b9449a61b8c60695ea43b71c717e2eef897ed20490c7edfe6aaf
GET /watch.php?id=187592aa4e HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:36 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=0e193904266e2ce3bfed5550f61233e8; path=/; domain=.amdahost.com
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TCnA6OyqDRc%2FmNmTKKhBq252yaZq5Yc%2FXYSzRXB5N5H5wE51ehrzAMOU64s%2BsxPBXnECRpEmh8XfyoEChGxZYePegs2iP5MxL1iEwrdWd50UPC6obKm8sq%2FLJgVZqbkcC4ZK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5cb6aadb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| b57dqedu4.com/t/9/fret/meow4/2020088/0d68ddef.js | 212.117.190.201 | 200 OK | 42 kB |
URL: GET HTTP/2 b57dqedu4.com/t/9/fret/meow4/2020088/0d68ddef.js
IP: 212.117.190.201:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e
Certificate Issuer: Buypass AS-983163327
Certificate Subject:
Certificate Fingerprint: 17:76:24:C2:1F:79:27:A6:BF:60:AC:48:E1:7E:44:F5:FA:36:EB:6B
Certificate Validity: Wed, 01 May 2024 14:25:07 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File type: gzip compressed data, max speed, from Unix
Hash: 948e2cc9002756e416929489914fb45d 82f8a93c60b70b0b4c5b271ac55e751757887ded 95a445da6e8dc40a6e6aa863208cc8e4b268ad723039f22eb01c64d78bf9c99a
GET /t/9/fret/meow4/2020088/0d68ddef.js HTTP/1.1
Host: b57dqedu4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:18:37 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-1a022"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/css/root.css | 104.21.40.89 | 200 OK | 892 B |
URL: GET HTTP/3 www.amdahost.com/css/root.css
IP: 104.21.40.89:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e
Certificate Issuer: Google Trust Services LLC
Certificate Subject: amdahost.com
Certificate Fingerprint: 29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF
Certificate Validity: Thu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File type: ASCII text, with very long lines (3175), with no line terminators
Hash: b29e82a0b6fab49b186f1878409b49cf 632d7a94b851c7c879e29825bee06920d7b5cb99 5b7746d8aa2c0a8a908f6a5df646167afb319fc1d2a6ec08d275e195a275afdf
GET /css/root.css HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=187592aa4e
Cookie: PHPSESSID=0e193904266e2ce3bfed5550f61233e8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 02:18:37 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=6128
cache-control: public, max-age=604800
etag: W/"17f0-65dd98cc-8c005d;br"
expires: Wed, 15 May 2024 01:35:49 GMT
last-modified: Tue, 27 Feb 2024 08:09:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2568
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yvtv7n9WiSr0D6ifiD7lSoULzWkVRU0fxX%2BkkL9co0OMMgzjELaOO2QSlIecFV3LRoqQ0InykJBvNnEACB7oUd9wQW%2BdLSZWqMKD4luXL44aK09MLWFUQv%2FYNT53DlWLXTNq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5ce9ac25688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 172.217.21.162 | 200 OK | 0 B |
URL HEAD HTTP/2pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP172.217.21.162:443
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerGoogle Trust Services LLC Subject*.g.doubleclick.net Fingerprint09:C3:90:43:D3:09:4E:26:62:79:17:6F:1D:33:E5:FA:DF:77:3E:7B ValidityTue, 16 Apr 2024 03:18:52 GMT - Tue, 09 Jul 2024 03:18:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Wed, 08 May 2024 02:18:39 GMT
expires: Wed, 08 May 2024 02:18:39 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 15683975737357121959
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51547
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pyknrhm5c.com/get/2025683?p=2025683&jp=_clj42opp2ny8sp0jrd0gm1&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178952649713664&eclog=0&im=1&freq=0&uf=0 | 212.117.190.201 | 200 OK | 7.7 kB |
URL GET HTTP/2pyknrhm5c.com/get/2025683?p=2025683&jp=_clj42opp2ny8sp0jrd0gm1&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178952649713664&eclog=0&im=1&freq=0&uf=0 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerBuypass AS-983163327 Subject Fingerprint8C:0B:00:37:E9:46:0D:D7:64:26:AF:BD:4B:AC:9D:E3:CA:27:CD:87 ValidityFri, 03 May 2024 21:32:33 GMT - Tue, 29 Oct 2024 22:59:00 GMT
File typeASCII text, with very long lines (11569), with no line terminators Hash459ff073dc426ba8a4b7975d6fe415fd 66ce4a7f4891601e8178137bc21e74dce6c5c9b9 a7122f3015d556741d75056bc176ff0ea9219763ea844d7069dd3680a51a231a
GET /get/2025683?p=2025683&jp=_clj42opp2ny8sp0jrd0gm1&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178952649713664&eclog=0&im=1&freq=0&uf=0 HTTP/1.1
Host: pyknrhm5c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:18:38 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2405072118000053db443f499f930442954b; Path=/; Expires=Wed, 11 Jun 2025 02:18:38 GMT; Secure; SameSite=None
CHCK=1; Path=/; Expires=Wed, 11 Jun 2025 02:18:38 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=161855 | 157.90.84.242 | 200 OK | 0 B |
URL POST HTTP/1.1fp.metricswpsh.com/fp?tag_id=161855 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=161855 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Wed, 08 May 2024 02:18:39 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.amdahost.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
|
|
| fp.metricswpsh.com/fp?tag_id=161855 | 157.90.84.242 | 200 OK | 58 B |
URL POST HTTP/1.1fp.metricswpsh.com/fp?tag_id=161855 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash87385fcd2a67fc74d2fa67366ba68ea2 a604cdbb1d31ce257e8643eee9219c9c724c200c 9307cbb21345500294eae459b18a8ffb2bd2fcccd928a09efbc1e324fa9c9995
POST /fp?tag_id=161855 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1835
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 08 May 2024 02:18:40 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.amdahost.com
Set-Cookie: id=14602271827965017206; Expires=Thu, 08 May 2025 02:18:40 GMT; Secure; SameSite=None
Vary: Origin
|
|
| fp.metricswpsh.com/fp?tag_id=179977 | 157.90.84.242 | 200 OK | 0 B |
URL POST HTTP/1.1fp.metricswpsh.com/fp?tag_id=179977 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=179977 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Wed, 08 May 2024 02:18:40 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.amdahost.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
|
|
| metricswpsh.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMzc5OTc2NDIwNDY4NTAxMzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4xIiwidGFnX2lkIjoxNzk5NzcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC45NCwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== | 116.202.204.10 | 200 OK | 0 B |
URL GET HTTP/2metricswpsh.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMzc5OTc2NDIwNDY4NTAxMzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4xIiwidGFnX2lkIjoxNzk5NzcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC45NCwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== IP116.202.204.10:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMzc5OTc2NDIwNDY4NTAxMzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4xIiwidGFnX2lkIjoxNzk5NzcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC45NCwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== HTTP/1.1
Host: metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 08 May 2024 02:18:40 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 82c39cef22.0a3036d0e7.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMzc5OTc2NDIwNDY4NTAxMzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4xIiwidGFnX2lkIjoxNjE4NTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC44MSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== | 45.133.44.53 | 200 OK | 0 B |
URL GET HTTP/282c39cef22.0a3036d0e7.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMzc5OTc2NDIwNDY4NTAxMzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4xIiwidGFnX2lkIjoxNjE4NTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC44MSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerLet's Encrypt Subject82c39cef22.0a3036d0e7.com FingerprintB5:63:82:89:FA:3B:23:EC:39:BF:44:83:B4:62:4A:8F:5D:11:9D:38 ValiditySun, 05 May 2024 02:50:23 GMT - Sat, 03 Aug 2024 02:50:22 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMzc5OTc2NDIwNDY4NTAxMzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4xIiwidGFnX2lkIjoxNjE4NTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC44MSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== HTTP/1.1
Host: 82c39cef22.0a3036d0e7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:40 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=179977 | 157.90.84.242 | 200 OK | 58 B |
URL POST HTTP/1.1fp.metricswpsh.com/fp?tag_id=179977 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash87385fcd2a67fc74d2fa67366ba68ea2 a604cdbb1d31ce257e8643eee9219c9c724c200c 9307cbb21345500294eae459b18a8ffb2bd2fcccd928a09efbc1e324fa9c9995
POST /fp?tag_id=179977 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1836
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 08 May 2024 02:18:40 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.amdahost.com
Set-Cookie: id=11890711513720768086; Expires=Thu, 08 May 2025 02:18:40 GMT; Secure; SameSite=None
Vary: Origin
|
|
| fonts.googleapis.com/css2?family=Bungee+Spice&display=swap | 142.250.74.106 | 200 OK | 30 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Bungee+Spice&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hash3d73c7785cb179cb9f0e72f6a91da70f 66c654e20681ef90fd6deb0bb656d193a0ca7b50 2d0c922dfab42a0256189b624ae3b29006470599f76d650ea10e28c4b35080ab
GET /css2?family=Bungee+Spice&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 02:18:37 GMT
date: Wed, 08 May 2024 02:18:37 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Karla&display=swap | 142.250.74.106 | 200 OK | 4.1 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Karla&display=swap IP142.250.74.106:443
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hash3441afca54278e1db0f98eb6042afd58 ed61160d2d5ce5f84f9a5b41d7beb562cfee98b7 a8fd1d0965bc243e648f6df1004fad72568a077429426f5dfefb4835a5459aa6
GET /css2?family=Karla&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 02:18:37 GMT
date: Wed, 08 May 2024 02:18:37 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| nereserv.com/in/dip?event_id=106947eb-d314-4ecd-8a67-4918dfc5c7b8&subid=308553955&spot_id=529502&created_at=2024-05-08&timezone=0&ver=1.141.0 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/2nereserv.com/in/dip?event_id=106947eb-d314-4ecd-8a67-4918dfc5c7b8&subid=308553955&spot_id=529502&created_at=2024-05-08&timezone=0&ver=1.141.0 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?event_id=106947eb-d314-4ecd-8a67-4918dfc5c7b8&subid=308553955&spot_id=529502&created_at=2024-05-08&timezone=0&ver=1.141.0 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 08 May 2024 02:18:40 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| nereserv.com/in/dip?event_id=3a83e3ea-1722-419d-977d-007d961d0b35&subid=14364679&spot_id=560192&created_at=2024-05-08&timezone=0&ver=1.141.0 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/2nereserv.com/in/dip?event_id=3a83e3ea-1722-419d-977d-007d961d0b35&subid=14364679&spot_id=560192&created_at=2024-05-08&timezone=0&ver=1.141.0 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?event_id=3a83e3ea-1722-419d-977d-007d961d0b35&subid=14364679&spot_id=560192&created_at=2024-05-08&timezone=0&ver=1.141.0 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 08 May 2024 02:18:40 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| mbddip.com/in/dip?site=native-push&wl=1&event_id=4401ec3d-167c-4d3d-b2a9-d67ea22affc4&subid=1211831614&sid=1106004102&spot_id=560190&created_at=2024-05-08&timezone=0&ver=8.159.0&is_native=1 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/2mbddip.com/in/dip?site=native-push&wl=1&event_id=4401ec3d-167c-4d3d-b2a9-d67ea22affc4&subid=1211831614&sid=1106004102&spot_id=560190&created_at=2024-05-08&timezone=0&ver=8.159.0&is_native=1 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=4401ec3d-167c-4d3d-b2a9-d67ea22affc4&subid=1211831614&sid=1106004102&spot_id=560190&created_at=2024-05-08&timezone=0&ver=8.159.0&is_native=1 HTTP/1.1
Host: mbddip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 08 May 2024 02:18:40 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| mbdippex.com/in/multy | 94.130.198.6 | 200 OK | 0 B |
IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /in/multy HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.20.1
date: Wed, 08 May 2024 02:18:40 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.67 | | 471 B |
IP142.250.74.67:0
Hash5991db4ffbfc4b57b0f99a35a0e6a3d0 1b74b56ddc178de4587ef8898436cff19cc2c66b 17904ae58c5cfd605b9b96ef28a59c0b158141c0d69922267a677ff041ca24d9
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 May 2024 02:18:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| mpougdusr.com/chicken.gif?z=2020090&pb=847000ae4dd4555064e1fbaaf71879a51715141918&psp=[…]&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7993702416835584&eclog=0&im=1 | 212.117.190.201 | 200 OK | 43 B |
URL GET HTTP/2mpougdusr.com/chicken.gif?z=2020090&pb=847000ae4dd4555064e1fbaaf71879a51715141918&psp=GcOUA6ItraxGL3O5XrkB_IpM5UK255iL6S9Jk7G1F5snlMTA4Za-7SqJKRpAFJTVWaWAaP6WqZOcsC4Yh1gN5X2FDVc9OuZAomBLPEdCCt2h7xn6QF1pS2FFFtGg0u4RkTKB-NssMSE08QhcbYWiDnjmv5yy9Udr0yzcNzjY6kSeWPaBhG34lanlFynML9e0iVVfPtPyVFiAjA7mVWa5RfqMgugEOrbWgjJCgAObi9zx3KY7qNiKICXCxKsjzHrzoG-1qFj6DEEd5QaYgJ0afwGtllwpT_dC8z6AfqoPUTvYmnBuOkRJ5BBF2s7APag6Zgz0q3VHRr0Zg8XYQ8UJih2a_vZ66knLuJdkSQ_meadQsY6gLZyGRzEx-L3H8FYQrzgr3cgYmE5zdG4P9totEWaLNDanYH-drp6chwriakHqg3RKEp1jK_loXHfEK-WF18-CEv_Q_h878lQPxXxeTQXUY-oA6bXIAU6yuzOhNKSAuwaBOqCpHbxi4Fgu4-t1ZmMSd5DHO4JtXYgaeh5pyrHL8QQwvgxDl676UQp6fbGHu7uTiG4DTTJbIwC-5iA728g-0STKWjZ7uo0-fUImMlGjbllf6GMpl9-q8n1UHs_0z5RlGQhDz8RZQw6NhQqfUK6UVi46GgQ1wXAU_SlPfHN-Yvlmzqnre6EmYatC5pI_NALNDWGREXVfCl_M9q1pdmDVQZhWOjVFplWJi9K9BXxN9SkWJ7N5ddHu-D13UGHzT5F2iCjcwhBOSNODjOqBSmB___PHy_t5z11BAPcgcTmFssA9g0VvKDCCi_ztssuoxQHFRFyfhJQYW7h6n-eiY8fiVBxAtU6aJaYn4aws4IL7Cq96lgzJ14t8-LoTcFKj7NhLRGuW5c8qYUnCnKhYzWvAv0KYewXzxISYdecxektr7wWNb4eWPTBx1q6cWvKi56cXe2BecLk_iFnK3s3n_55pI9cII5XPDlJ6TbfyuY88JITD0_oGtzmIuTLvOFsWBXt3dTp4rGdzDsICPDFEf_NSwonG8dCULaBwrKumjz4N_uKho5ssQhHlWwTtp-ndlIQExhot3bS3PJ652lj_OoDFPjIevFI-SGlF9ZdNqqIAhOylj9sBrpTAJmcxxHWPr3QBExJS5YZHtmME9r61o0Qc-bSSXUepgohrIdtFah_fiqukshh2EP3J1V-POJonXdI-MnOuo4T0b4M6s0XI4_hlLvbPchpRuxm09kbtcKFwS-mobUHBarCz6mXhlAsJGlhO0JOjm6b5FRf7RSvejecTjCnUZmaLQc5abSjXrUkmUQ3CBgj8em9ht12MJ7OSw7g3yIdk1Kcq0yfc6Vn_3Pqm0zH1E3QVEPi60orOMUy8s3nW_kwxJOtY48xsw_Tt0rm5hXci2zBXVFjo-4l4o1ztiYeTLixZz3Ne5MzJ4Ux4H5e1Yf0Tup_TfZpfqhc8pmFPw1aZp9ugGWGKA3I7eO2yE7flhoKRrE_xyNF8K9FMe-dml8A2N0ybYcmEE31b7e3Q8bFv7A7R4Rn5fCMIriVkIcAuOteTxFdIkG1QHhvgb1qscRh6oLfWUTDFjTxUWKJsGVLj7NpFHIOYa2JWBAcIvOfgkK29WtPHm18jT59J0Ix6BfddRgbFdUlX2YucoGSLAJ5oF-Xy0CHt_ij3F8Edbl1mzlBP52aFUrk725hkihNEjAEk96Wbtx7RjPuj2oB1Ts3ivC9JI6mqQ86c-AsXhr3ZqTnW2wTgVtrpV82dpm3wei5cf-TnTsK8FtMOTWTG2PVd7q7rbjiF5Tr1AMEfAEHSU5CGR8Ckf98bSfAi4ZTSNF7zZ2egsn7h0StKjo5hsK5VAkgz6znWHdH2LWfZpNf3YEcJ_7Pw98i1auZIV2uxLlUOxeigP8SbRR1y
CFG4kkmT2mLTSfUnM_1wgHDJICwEB_onZwq3oHb03aJvLLfpq_dH5tTzSnEluz0E5BHu81WmvL4YBofbevH69GZdqjyiyj1HWm9n4-ygMPVqxYEFM_-zcQ5VuK5EvlZcWc0rYePoNey2iOjDHFFuwCCF1k8j6tMoTi24goWJdrhMTzQdiTVIx-4PwaEzuBk7qZQpPalzmA0NK9Rds8eiYE0dryg2FvlhFrcJ2otcPq1zLTT_jTJKrGByn-Qd1dFtPwtavqvIyYyHeo1tU-RjpYYqnPemiBNUmCccgiwx5nrpfe0s79XetCfLANPrsAS3Fv9rJZw5rS0LRNXCy99DhQCIUZw7T1W6qFhLyY-DIAG4sdcdSPIkrDCBKA4kgRZ43iVw50BFuZLTmqxaPlCggctnIqXTn5uAKksozhaTp-nxt_fpvr_hsTCnnRgsfpe1k4VM_8qHIoQgXNdL1Bq-oJdG11LSdCzHiL3uRTQaDFCLtJR92snN2gmSQWAKPlebqM-M-aWZrs-x1tDXq24FRZidm4tZWRH-njNrwRSfi2HNDGa4Ci_bbGHuGW2AP5XEpZ2HIZC5y7Q-TFCr2Uz4eyURKadvNtSmq3jiRFuodQdxK5P7gDueu2ehm8ngo3QmjaHzg5VU1qJJkAajSPj7fiJDtUix4RmcL4k-sgaxtvBFTEB7kA6lfSlEE_-kqBcpez1HPywJ-336VStpnwtlcQrEY1KbbFJdM1f0ihUOl2feBLNWyPNMYbB0Nxlfx6d4eEdRLWDng2Zja-Q1WxzyJY4glCoPscqPSOoaC-SYuOxv857gae3558ayKpUO2-P-upu9Qvlo--AHIyRxIDLGfkVgsz7ymzjNEsvf87j8I2UMZjXBxQc-aNvy90EN3Nldi5aIh8UyPAI4gPK-kGzLNxsqdrOoeKsnn0llqtZP3Ys6alU5wYrhDCbm0KmAgGkScGW1GClmJBVxivC1s9wusN7IauhIE5A2b0G09GThHOyp6QjaeE7KI7GjermJLoWW-021T7ZiPSY5JbXQVXIunEq-rTl_fYZ1YgtW7Pz2GwtPoDlAEdGmfLSpngPYu4b3wokEM1eNz5h3dw9JTlnb4kgMyUx9JK_hySa6OZcKlMhnNm36gamtpTXnlBTbhayxjVlFF8oJKVhMFGFFaq8X5PrWjFmBEo4scjpLN59ZNcqBqFJPaaHBmlLMlKnIMS6lDJajvF6aiDiuvMTMOzwPIKVn6NgDPWXmKTdy8mgeu9I8lerlvfB9rTl0KD6bfg9DpoPTWvTW2wIcLxDXLQvwgmbPSfw0cx5D0t9LKHoX4SekUBHANWRHVvJujxfH4_LiQ9_QlwZkhE2JOa1Eto266f2bJ6Ut1FQ6YPSbYBQV9YW_2uiGEe8URv9ZEut3Ig7sMM35vUpUIobQ_onZaQf9WaK6kdgrRxLop7_tbibPaJsSrZT3fSP7f0SzdOmIDJQt1xCIhY4bNpXNGoSzNa5Y3k9MvVSXnnTQhvRBla9baUJVO3OOmWkBa75zRlJyGma7WHo55w55hKkzbzdla7StEWOf3NVvBDKCSH9Q3OvMwaGjL-un7F8NHYG3JDDEvW3bS9lyjV_oSijmn6rb7mBPGVugRgAqhdsd629pqaswPPgCo3eeacBcwFt5uxH5ci3V8rrSmJjYJjQPU27juvjSNXdFK_yuZWrV5srsVJnDLldCxEypGBY5yN-t2_qt0Q8omsL6sZxsWD13j63Q2mKhMNAmIXPUJHpG0_y5nVkvUUZbZonvSyZxU-0m2lQSt7xtOf_vm2Ic3QVZxr--qK-LeSGjIiV-pgR9731H7uNzcPICMJqfGEaR8b21LURzCujfm1IfdB13dgXqJy3wBJ58rMdrw0qRKrc_rD3TcsmmySsba7Dg6lMTfcyHdOVYtmfHWFXoKg7h60BWTXcHT1P17BKDRBFIS639GzPZ3eQ_7Gxv8HShADmIb_UJon15sltHeuZD4miJub-Ehj7S
98XWmypvZfZq5eo5vCNDl_Vtn8cxUD2gVuGzK6Q5MZk1tfb8SJmonEO3lkbeNLqHLiHuoOI5EI_CI22NveNrRN0qvbgv-cIS3Irg_MY8sskTKsZ8wbbR418QBYNRqmPIxQlvmWLy7qEilTGWgehhLdNXNvlHiiLG7AJDlghiihoxSn7VhKofnjpj57II8gGtyZT0AKJfbkIWW1unP1m-Fw==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7993702416835584&eclog=0&im=1 IP212.117.190.201:443
Requested by https://www.amdahost.com/watch.php?id=187592aa4e Certificate Issuer Buypass AS-983163327 Subject Fingerprint 96:80:FC:87:80:4A:3B:59:5A:2E:82:5A:B8:1D:9D:47:78:21:AA:66 Validity Wed, 01 May 2024 14:41:50 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File type GIF image data, version 89a, 1 x 1 Hash 28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=2020090&pb=847000ae4dd4555064e1fbaaf71879a51715141918&psp=GcOUA6ItraxGL3O5XrkB_IpM5UK255iL6S9Jk7G1F5snlMTA4Za-7SqJKRpAFJTVWaWAaP6WqZOcsC4Yh1gN5X2FDVc9OuZAomBLPEdCCt2h7xn6QF1pS2FFFtGg0u4RkTKB-NssMSE08QhcbYWiDnjmv5yy9Udr0yzcNzjY6kSeWPaBhG34lanlFynML9e0iVVfPtPyVFiAjA7mVWa5RfqMgugEOrbWgjJCgAObi9zx3KY7qNiKICXCxKsjzHrzoG-1qFj6DEEd5QaYgJ0afwGtllwpT_dC8z6AfqoPUTvYmnBuOkRJ5BBF2s7APag6Zgz0q3VHRr0Zg8XYQ8UJih2a_vZ66knLuJdkSQ_meadQsY6gLZyGRzEx-L3H8FYQrzgr3cgYmE5zdG4P9totEWaLNDanYH-drp6chwriakHqg3RKEp1jK_loXHfEK-WF18-CEv_Q_h878lQPxXxeTQXUY-oA6bXIAU6yuzOhNKSAuwaBOqCpHbxi4Fgu4-t1ZmMSd5DHO4JtXYgaeh5pyrHL8QQwvgxDl676UQp6fbGHu7uTiG4DTTJbIwC-5iA728g-0STKWjZ7uo0-fUImMlGjbllf6GMpl9-q8n1UHs_0z5RlGQhDz8RZQw6NhQqfUK6UVi46GgQ1wXAU_SlPfHN-Yvlmzqnre6EmYatC5pI_NALNDWGREXVfCl_M9q1pdmDVQZhWOjVFplWJi9K9BXxN9SkWJ7N5ddHu-D13UGHzT5F2iCjcwhBOSNODjOqBSmB___PHy_t5z11BAPcgcTmFssA9g0VvKDCCi_ztssuoxQHFRFyfhJQYW7h6n-eiY8fiVBxAtU6aJaYn4aws4IL7Cq96lgzJ14t8-LoTcFKj7NhLRGuW5c8qYUnCnKhYzWvAv0KYewXzxISYdecxektr7wWNb4eWPTBx1q6cWvKi56cXe2BecLk_iFnK3s3n_55pI9cII5XPDlJ6TbfyuY88JITD0_oGtzmIuTLvOFsWBXt3dTp4rGdzDsICPDFEf_NSwonG8dCULaBwrKumjz4N_uKho5ssQhHlWwTtp-ndlIQExhot3bS3PJ652lj_OoDFPjIevFI-SGlF9ZdNqqIAhOylj9sBrpTAJmcxxHWPr3QBExJS5YZHtmME9r61o0Qc-bSSXUepgohrIdtFah_fiqukshh2EP3J1V-POJonXdI-MnOuo4T0b4M6s0XI4_hlLvbPchpRuxm09kbtcKFwS-mobUHBarCz6mXhlAsJGlhO0JOjm6b5FRf7RSvejecTjCnUZmaLQc5abSjXrUkmUQ3CBgj8em9ht12MJ7OSw7g3yIdk1Kcq0yfc6Vn_3Pqm0zH1E3QVEPi60orOMUy8s3nW_kwxJOtY48xsw_Tt0rm5hXci2zBXVFjo-4l4o1ztiYeTLixZz3Ne5MzJ4Ux4H5e1Yf0Tup_TfZpfqhc8pmFPw1aZp9ugGWGKA3I7eO2yE7flhoKRrE_xyNF8K9FMe-dml8A2N0ybYcmEE31b7e3Q8bFv7A7R4Rn5fCMIriVkIcAuOteTxFdIkG1QHhvgb1qscRh6oLfWUTDFjTxUWKJsGVLj7NpFHIOYa2JWBAcIvOfgkK29WtPHm18jT59J0Ix6BfddRgbFdUlX2YucoGSLAJ5oF-Xy0CHt_ij3F8Edbl1mzlBP52aFUrk725hkihNEjAEk96Wbtx7RjPuj2oB1Ts3ivC9JI6mqQ86c-AsXhr3ZqTnW2wTgVtrpV82dpm3wei5cf-TnTsK8FtMOTWTG2PVd7q7rbjiF5Tr1AMEfAEHSU5CGR8Ckf98bSfAi4ZTSNF7zZ2egsn7h0StKjo5hsK5VAkgz6znWHdH2LWfZpNf3YEcJ_7Pw98i1auZIV2uxLlUOxeigP8SbRR1yCFG4kkmT2mLTSfUnM_1wgHD
JICwEB_onZwq3oHb03aJvLLfpq_dH5tTzSnEluz0E5BHu81WmvL4YBofbevH69GZdqjyiyj1HWm9n4-ygMPVqxYEFM_-zcQ5VuK5EvlZcWc0rYePoNey2iOjDHFFuwCCF1k8j6tMoTi24goWJdrhMTzQdiTVIx-4PwaEzuBk7qZQpPalzmA0NK9Rds8eiYE0dryg2FvlhFrcJ2otcPq1zLTT_jTJKrGByn-Qd1dFtPwtavqvIyYyHeo1tU-RjpYYqnPemiBNUmCccgiwx5nrpfe0s79XetCfLANPrsAS3Fv9rJZw5rS0LRNXCy99DhQCIUZw7T1W6qFhLyY-DIAG4sdcdSPIkrDCBKA4kgRZ43iVw50BFuZLTmqxaPlCggctnIqXTn5uAKksozhaTp-nxt_fpvr_hsTCnnRgsfpe1k4VM_8qHIoQgXNdL1Bq-oJdG11LSdCzHiL3uRTQaDFCLtJR92snN2gmSQWAKPlebqM-M-aWZrs-x1tDXq24FRZidm4tZWRH-njNrwRSfi2HNDGa4Ci_bbGHuGW2AP5XEpZ2HIZC5y7Q-TFCr2Uz4eyURKadvNtSmq3jiRFuodQdxK5P7gDueu2ehm8ngo3QmjaHzg5VU1qJJkAajSPj7fiJDtUix4RmcL4k-sgaxtvBFTEB7kA6lfSlEE_-kqBcpez1HPywJ-336VStpnwtlcQrEY1KbbFJdM1f0ihUOl2feBLNWyPNMYbB0Nxlfx6d4eEdRLWDng2Zja-Q1WxzyJY4glCoPscqPSOoaC-SYuOxv857gae3558ayKpUO2-P-upu9Qvlo--AHIyRxIDLGfkVgsz7ymzjNEsvf87j8I2UMZjXBxQc-aNvy90EN3Nldi5aIh8UyPAI4gPK-kGzLNxsqdrOoeKsnn0llqtZP3Ys6alU5wYrhDCbm0KmAgGkScGW1GClmJBVxivC1s9wusN7IauhIE5A2b0G09GThHOyp6QjaeE7KI7GjermJLoWW-021T7ZiPSY5JbXQVXIunEq-rTl_fYZ1YgtW7Pz2GwtPoDlAEdGmfLSpngPYu4b3wokEM1eNz5h3dw9JTlnb4kgMyUx9JK_hySa6OZcKlMhnNm36gamtpTXnlBTbhayxjVlFF8oJKVhMFGFFaq8X5PrWjFmBEo4scjpLN59ZNcqBqFJPaaHBmlLMlKnIMS6lDJajvF6aiDiuvMTMOzwPIKVn6NgDPWXmKTdy8mgeu9I8lerlvfB9rTl0KD6bfg9DpoPTWvTW2wIcLxDXLQvwgmbPSfw0cx5D0t9LKHoX4SekUBHANWRHVvJujxfH4_LiQ9_QlwZkhE2JOa1Eto266f2bJ6Ut1FQ6YPSbYBQV9YW_2uiGEe8URv9ZEut3Ig7sMM35vUpUIobQ_onZaQf9WaK6kdgrRxLop7_tbibPaJsSrZT3fSP7f0SzdOmIDJQt1xCIhY4bNpXNGoSzNa5Y3k9MvVSXnnTQhvRBla9baUJVO3OOmWkBa75zRlJyGma7WHo55w55hKkzbzdla7StEWOf3NVvBDKCSH9Q3OvMwaGjL-un7F8NHYG3JDDEvW3bS9lyjV_oSijmn6rb7mBPGVugRgAqhdsd629pqaswPPgCo3eeacBcwFt5uxH5ci3V8rrSmJjYJjQPU27juvjSNXdFK_yuZWrV5srsVJnDLldCxEypGBY5yN-t2_qt0Q8omsL6sZxsWD13j63Q2mKhMNAmIXPUJHpG0_y5nVkvUUZbZonvSyZxU-0m2lQSt7xtOf_vm2Ic3QVZxr--qK-LeSGjIiV-pgR9731H7uNzcPICMJqfGEaR8b21LURzCujfm1IfdB13dgXqJy3wBJ58rMdrw0qRKrc_rD3TcsmmySsba7Dg6lMTfcyHdOVYtmfHWFXoKg7h60BWTXcHT1P17BKDRBFIS639GzPZ3eQ_7Gxv8HShADmIb_UJon15sltHeuZD4miJub-Ehj7S98XWmypvZfZq5eo5vCNDl_V
tn8cxUD2gVuGzK6Q5MZk1tfb8SJmonEO3lkbeNLqHLiHuoOI5EI_CI22NveNrRN0qvbgv-cIS3Irg_MY8sskTKsZ8wbbR418QBYNRqmPIxQlvmWLy7qEilTGWgehhLdNXNvlHiiLG7AJDlghiihoxSn7VhKofnjpj57II8gGtyZT0AKJfbkIWW1unP1m-Fw==&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7993702416835584&eclog=0&im=1 HTTP/1.1
Host: mpougdusr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=2405072118024d8995beb64c7b875910aafd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:18:40 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACl2VgAAAAAAAAAB; Path=/; Expires=Fri, 07 Jun 2024 02:18:40 GMT; Secure; SameSite=None
OACIBLOCK=ACl2VgAAAABmOtyg; Path=/; Expires=Fri, 07 Jun 2024 02:18:40 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| js.mbidinp.com/skins/nmain.m.js | 45.133.44.52 | 200 OK | 111 kB |
URL GET HTTP/2 js.mbidinp.com/skins/nmain.m.js IP 45.133.44.52:443 ASN #39572 DataWeb Global Group B.V.
Requested by https://www.amdahost.com/watch.php?id=187592aa4e Certificate Issuer Let's Encrypt Subject js.mbidinp.com Fingerprint B8:EA:0B:88:14:F5:73:F1:FE:F1:D5:59:09:E6:70:08:F2:1C:4A:5C Validity Mon, 22 Apr 2024 03:00:30 GMT - Sun, 21 Jul 2024 03:00:29 GMT
File type gzip compressed data, from Unix Size 111 kB (110754 bytes) Hash 819daf3f74faed3969179ba0bc72d18b c13c30e5fe860ef7da970863b357a7a581afe09c acfcc0823be91fb87ae064d13af2c30b5b4e3e58cf40c8fb920d368490e507f9
GET /skins/nmain.m.js HTTP/1.1
Host: js.mbidinp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:40 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 12:49:54 GMT
etag: W/"661e73f2-72c69"
content-encoding: gzip
expires: Wed, 08 May 2024 02:23:40 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQxT7jBHKX2Dom5dA6D-m16ubvkxvf50SoFUZZ7ltN4tN4vgItJo0hQ84RDuBKzLDJ5YSWd-LA | 64.233.165.84 | 302 Found | 424 B |
URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQxT7jBHKX2Dom5dA6D-m16ubvkxvf50SoFUZZ7ltN4tN4vgItJo0hQ84RDuBKzLDJ5YSWd-LA IP 64.233.165.84:443
Requested by https://www.amdahost.com/watch.php?id=187592aa4e Certificate Issuer Google Trust Services Subject accounts.google.com Fingerprint 75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D Validity Tue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT
File type HTML document, ASCII text, with very long lines (402) Hash f5c7f6beda078eb3d17c461824da5345 21214056be68013bdfa5a4999dc3fba91806a2ef ce30225fd9f699266e32652858b51eac9318a41873c4d5985f570c291d476a9c
GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQxT7jBHKX2Dom5dA6D-m16ubvkxvf50SoFUZZ7ltN4tN4vgItJo0hQ84RDuBKzLDJ5YSWd-LA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:7ofF6_CSnArLT8ukTV2XGqE38wWGnw:-SJT7UlNw6H-nkai;Path=/;Expires=Fri, 08-May-2026 02:18:40 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 02:18:41 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwOqU8UXlId-xkCofNUnDJfUQJFmg1sYkxkKCJKDx-PbkVLIeuq7mfXpjFPPPBog6KpiqLb&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S553679467%3A1715134720999972&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-OY7UqY5pd74yE-wl1JojHg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 424
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.67 | | 471 B |
IP 142.250.74.67:0
Hash d59e53e22f3681f080bc6a493b7508a1 50ec966f62f5efce0a5fbea8917c5c5b025eaccf cffc1da003262cd2907f76fb611cccac521441669302d10fae3aeb0c9a81c181
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 May 2024 02:18:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| mbdippex.com/in/multy | 94.130.198.6 | 200 OK | 5.9 kB |
IP 94.130.198.6:443 ASN #24940 Hetzner Online GmbH
Requested by https://www.amdahost.com/watch.php?id=187592aa4e Certificate Issuer Let's Encrypt Subject notification.tubecup.net Fingerprint 04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 Validity Thu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash 43f9cd720abee403143031112573dd92 136908d068a202c9c08dffc4b9c2d205b1ad7dc0 7f21906499142a4f5ba2064ff5b54a20e2bc60ad80f533133ceef9db96470303
POST /in/multy HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2170
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 08 May 2024 02:18:41 GMT
content-type: application/json
content-length: 5946
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| mbdippex.com/in/show/?tag_ab=d&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D187592aa4e&refdom=www.amdahost.com&auction_time=1715134720&subid=1211831614&sid=1106004102&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D187592aa4e%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=08b734bd08ce908bdc1a036c541a910d&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D187592aa4e%26idzone%3D0%26sid%3D1886&icons=OV1tEpDwNTS0ADBWUsLanWopwy0N3gRJsOjMv3PBDuW2i3EOBrdLw3ZFGVUTQaNFVCD18TRZv0MJPtksxiJa3gdedF9tAa2z3uakFgv4W__wF7KNaIXMYVmPmnw4fGKDhD7BeHAPeOK3lrvfrLBwQj-p_1i4CeRhZppgo1HJIdKviILBTA&ext_cid=0&px_id=560190&min_cpm=0.09329738022515253&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=7700844236672991902&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.018588103250606648&cpm=0&verify_hash=abfe7f1ef44f2e9a146360332978f9a1&is_native=4&real_bid=0.0005341350799710241&original_bid_usd=0.00268093&original_bid=0.00268093&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,5,27,129,4,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_50dbf0cae89fd14f34b
6cb7b8301e683e25e0adf.webp&site=native-push-adult&price=0.00268093&hostname=auc-inpage-hz-3-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00000268093&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.04&cpa=282c7f09-8e67-46a5-b545-a2026a691ced&prev_step_diff=956 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/2mbdippex.com/in/show/?tag_ab=d&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D187592aa4e&refdom=www.amdahost.com&auction_time=1715134720&subid=1211831614&sid=1106004102&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D187592aa4e%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=08b734bd08ce908bdc1a036c541a910d&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D187592aa4e%26idzone%3D0%26sid%3D1886&icons=OV1tEpDwNTS0ADBWUsLanWopwy0N3gRJsOjMv3PBDuW2i3EOBrdLw3ZFGVUTQaNFVCD18TRZv0MJPtksxiJa3gdedF9tAa2z3uakFgv4W__wF7KNaIXMYVmPmnw4fGKDhD7BeHAPeOK3lrvfrLBwQj-p_1i4CeRhZppgo1HJIdKviILBTA&ext_cid=0&px_id=560190&min_cpm=0.09329738022515253&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=7700844236672991902&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.018588103250606648&cpm=0&verify_hash=abfe7f1ef44f2e9a146360332978f9a1&is_native=4&real_bid=0.0005341350799710241&original_bid_usd=0.00268093&original_bid=0.00268093&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,5,27,129,4,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_50dbf0c
ae89fd14f34b6cb7b8301e683e25e0adf.webp&site=native-push-adult&price=0.00268093&hostname=auc-inpage-hz-3-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00000268093&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.04&cpa=282c7f09-8e67-46a5-b545-a2026a691ced&prev_step_diff=956 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested by https://www.amdahost.com/watch.php?id=187592aa4e Certificate Issuer Let's Encrypt Subject notification.tubecup.net Fingerprint 04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 Validity Thu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=d&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D187592aa4e&refdom=www.amdahost.com&auction_time=1715134720&subid=1211831614&sid=1106004102&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D187592aa4e%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=08b734bd08ce908bdc1a036c541a910d&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D187592aa4e%26idzone%3D0%26sid%3D1886&icons=OV1tEpDwNTS0ADBWUsLanWopwy0N3gRJsOjMv3PBDuW2i3EOBrdLw3ZFGVUTQaNFVCD18TRZv0MJPtksxiJa3gdedF9tAa2z3uakFgv4W__wF7KNaIXMYVmPmnw4fGKDhD7BeHAPeOK3lrvfrLBwQj-p_1i4CeRhZppgo1HJIdKviILBTA&ext_cid=0&px_id=560190&min_cpm=0.09329738022515253&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=7700844236672991902&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.018588103250606648&cpm=0&verify_hash=abfe7f1ef44f2e9a146360332978f9a1&is_native=4&real_bid=0.0005341350799710241&original_bid_usd=0.00268093&original_bid=0.00268093&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,5,27,129,4,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_50dbf0cae89fd14f34b6cb7b8301e
683e25e0adf.webp&site=native-push-adult&price=0.00268093&hostname=auc-inpage-hz-3-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00000268093&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.04&cpa=282c7f09-8e67-46a5-b545-a2026a691ced&prev_step_diff=956 HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 08 May 2024 02:18:41 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| mbdippex.com/in/show/?tag_ab=d&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D187592aa4e&refdom=www.amdahost.com&auction_time=1715134720&subid=1211831614&sid=1106004102&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D187592aa4e%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=5fcbc33c86bbc49c561fd8fb36a2149b&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3D7Y7qwpcNrK1fUFAlBmzVwIHKLQo18187a2yqgrIVFPUuuUG_e3FHnHpqagbV4ntJGglbRbjcmYs5tT70zebKil7JOaZf20s7YgLHlgcURv5E9AOMCdImfIGJ_1fuF2F1m6zocebj9YoBIsuxgnMiojSyRiSO5i1lVqLRAbeKKbsWYXKg6BnKDLmuF5D2WQwJZlj-3L0RTGOrz0PpeUUJLvEiCdNwPzYZogWJCvzWGfWnXXtL-6kwoFcO2_6dSBDBRrFwBV1jgQNZ25uGQ5juWMgiYX2XlyOj5Qd1SGmI_Aw5Xt0YfhJogEQy-3dMbSzau9r4Gjm9d24KY1bTnwS6jmJOu8AItRHcPm0WK14pdkj4cI_UCQrzf8R-ceRVM2jQBOKM8wSF02dxXFUHa6CTH4r_pP7XEzW9lyNx6HwuvulQ_fyI5phcANkXbG-F9zE00imvC5LRp5HUMQVrgeqGgkVg6s43MJqC73zILZLXv_wv4miD0jPl6dX91Wbah4jGGWSHMfQHH84-eRN4RZBbOQSy3x2No_rfuUVLc1LERLZbEeCwRRSaGt4kzkKnneiDjHjlKAjt457NqPVGnyUPH_I8NhzjEAYiozqe4vVdBrFxlcIhR-2E5L-MUWZD0S1MT0QKvP5uMiWjp6HajR2qAmLI1B7WH580kt0Z6ZDxQs_t9FTWL8PkSJUeeaKbthSbaWO6geTouN9qTfTMBlgtlIE9HBXYkbWVTgDmg4Sty-WTiks4MUhVl7N2gx796ruuk44RBbSo6Efi8fnfHwG70DBS39WvA5DXu7Tzk1FpdYGmivWVTZmbn4iUEsk-0m_8nSWTlE0Tx-rJ3UoBVmH7MVxrifb0sGe5Br_vaKJ_aYzHqLJiwqy9XPdtxTXSM3JbxHQ8ceBnmjtmlUQg3B3M353uIeETrMLTmhuj9npEH0GAklMP81ZLA8titAlowTVYLVuaFWK7aZuelUKram0EvP4Uj9HbZnTNR-DhJ0ftdL0Qbd1LdBVOlqOHSXS7j1BKxSXMElqUzyEZd3nlZvnykTN8Ya_Dopy3OnB1DtRq42hM3XYKvVGZDT_
WCiiWVzAj0WWaXsRwr9_x8WlWBXgMgODRqmAb5kfxTwRaO0uZHl9S7bSvx8-j85BrUoNnfzECDvjMTRx2kq1XV9kZzEPaUhhfL_8NX_rKArzr8dKKxRyQAuiPKjXcSPcaGesAWEipNLtlCnpw4oXTa8dD2hPEMCxfVQrpHIYVQOqaCEkr4Adq51GgBZ1ux8LcBuv8bCiW8YRFsYovr_0cK8mxfKAY75--oomY22H2E5Ll3wELHUplg1iz%26bid%3D0.021892081860232598&icons=-uwf99Mrg1yLshl0kSIfOzY_Y7eacjW30r8Z2DokkUv-dVtKAFpta6-9qtMzEUM5BJQoDi_j3yGSx3sU1LoS7qipBFDaSfCW0I4amJPiyICR0u696UI_7cKuqo6K-zrWqGw42zj15kO1VyVY6JNZRBnpTN6T1Vn1BU-EfSDhHf6MdUiIBYcXY5bjIVqL9kByBPc_M971dhQ-8pV6Ule8O32Ahq_vS6V6PvrUnIFxanczI0SxPtw4k5clI_mYqoRA07rK4S8d_kNRh4sch6TiZPdz4GFiQveW742h-cFr6yxs9QNSyk_9xosWXJj6q3MR3WZZ82ykliB7AZXP4SEgU8yPbBE0TXpLWl-uqpSROVjHKwOZAZ6E9_kIOkPiLj84MEfeHxDs7Drmc-lWSEeHfhzyjGnuwISXJU-zs0dmkTcrterUwUWjnY7svfmbElxLZdTRgof0CSaGOxk_a8RkkklR4olfODZ3FLgn8Fqt4oL_sgImQI39nnv8Pc21bFPgG3JmVNEt4qOpYPjsGBj9WoB-cBZWIHD3nJ52yMQjKIppKTDGa2yjw9y53X2yf99o-8ukWUxVyu1e4CQlMvPzCXh6DGmnwm6o8DDTiK-bxvEDq-lIRL1D2xYavKNw2O6_jRm87fCqUFfrB4pYKnqWWP8rJJqMwWMOGqTHkSuF4h9g6Z2Kqyqho_UjaJZQWIN50AL7_5MOTwn8stqRtZkcZdNg_Y9R42HR8OEJz2FvS79CbS_BHrqw0cS-uhaNLtQVNjmPB50vR-oE3C42hBDZzq-8WLgN1o1jn8EeYE75N2BkT5t_VdHkrIYpHAPwPG6WxdDj5NLeF5HRbPlST8hiZdqMhXlNtbobqOR44_tM-m-_CBPedoSbp7sMONAM4MNPjU-vX-a5fcT2YWiHZ0LnrvVBdIN6wddZAKvju0HksT9AkgSND5D7v5iuSzKTzgBGwObwfOA3yOxeG7InvCSE4nqE_O8umPA3tYWLcOfLUiu_4ZAzoJEl0zRN9MvP7qHHEhSxldzbErq42_-C2mhhky0FYW5V6WA9HFE53exhT_GMSFzmwvPY5ctld8RhZqnIM539oCq_zb69uFxNmxSw1Y325mA0dGl25JfZMzB8FRq312RNyqQBTZLrNOTHZYYjvRIQDRRq8jQtN10BWbJPbYn4PrXiEkCGna1ZPydpKyhmVzGgyPFsaekNr5r5hy2PASnliAG4vdNBfs1ZPYiQ94TkLdjtTyHr-v-75CfpnPJPMsIN6249MLysYSSgC1V5dOEsxAHdbRlBBhwHcs0oyFFcgxtZS9n4z9rcNnk-xvVvNsFpXQ8x&ext_cid=224906&px_id=73560190&min_cpm=0.0034945246943458496&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=7700844236672991902&skin_id=72&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.03162566010952003&cpm=0.021892081860232598&verify_hash=fb0fa17e9e39ca6038cae4ad627f5261&is_native=1&real_bid=0.02170381003139515&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement
_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,90,33,5,98&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=1715307520&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777184%2Fconversions%2FQ5MjCrOM-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-3-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.04&cpa=3c5a2aa4-7bfd-4571-a918-7853d5d5fb8e&prev_step_diff=956 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/2mbdippex.com/in/show/?tag_ab=d&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D187592aa4e&refdom=www.amdahost.com&auction_time=1715134720&subid=1211831614&sid=1106004102&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D187592aa4e%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=5fcbc33c86bbc49c561fd8fb36a2149b&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3D7Y7qwpcNrK1fUFAlBmzVwIHKLQo18187a2yqgrIVFPUuuUG_e3FHnHpqagbV4ntJGglbRbjcmYs5tT70zebKil7JOaZf20s7YgLHlgcURv5E9AOMCdImfIGJ_1fuF2F1m6zocebj9YoBIsuxgnMiojSyRiSO5i1lVqLRAbeKKbsWYXKg6BnKDLmuF5D2WQwJZlj-3L0RTGOrz0PpeUUJLvEiCdNwPzYZogWJCvzWGfWnXXtL-6kwoFcO2_6dSBDBRrFwBV1jgQNZ25uGQ5juWMgiYX2XlyOj5Qd1SGmI_Aw5Xt0YfhJogEQy-3dMbSzau9r4Gjm9d24KY1bTnwS6jmJOu8AItRHcPm0WK14pdkj4cI_UCQrzf8R-ceRVM2jQBOKM8wSF02dxXFUHa6CTH4r_pP7XEzW9lyNx6HwuvulQ_fyI5phcANkXbG-F9zE00imvC5LRp5HUMQVrgeqGgkVg6s43MJqC73zILZLXv_wv4miD0jPl6dX91Wbah4jGGWSHMfQHH84-eRN4RZBbOQSy3x2No_rfuUVLc1LERLZbEeCwRRSaGt4kzkKnneiDjHjlKAjt457NqPVGnyUPH_I8NhzjEAYiozqe4vVdBrFxlcIhR-2E5L-MUWZD0S1MT0QKvP5uMiWjp6HajR2qAmLI1B7WH580kt0Z6ZDxQs_t9FTWL8PkSJUeeaKbthSbaWO6geTouN9qTfTMBlgtlIE9HBXYkbWVTgDmg4Sty-WTiks4MUhVl7N2gx796ruuk44RBbSo6Efi8fnfHwG70DBS39WvA5DXu7Tzk1FpdYGmivWVTZmbn4iUEsk-0m_8nSWTlE0Tx-rJ3UoBVmH7MVxrifb0sGe5Br_vaKJ_aYzHqLJiwqy9XPdtxTXSM3JbxHQ8ceBnmjtmlUQg3B3M353uIeETrMLTmhuj9npEH0GAklMP81ZLA8titAlowTVYLVuaFWK7aZuelUKram0EvP4Uj9HbZnTNR-DhJ0ftdL0Qbd1LdBVOlqOHSXS7j1BKxSXMElqUzyEZd3nlZvnykTN8Ya_Dopy3OnB1DtRq42h
M3XYKvVGZDT_WCiiWVzAj0WWaXsRwr9_x8WlWBXgMgODRqmAb5kfxTwRaO0uZHl9S7bSvx8-j85BrUoNnfzECDvjMTRx2kq1XV9kZzEPaUhhfL_8NX_rKArzr8dKKxRyQAuiPKjXcSPcaGesAWEipNLtlCnpw4oXTa8dD2hPEMCxfVQrpHIYVQOqaCEkr4Adq51GgBZ1ux8LcBuv8bCiW8YRFsYovr_0cK8mxfKAY75--oomY22H2E5Ll3wELHUplg1iz%26bid%3D0.021892081860232598&icons=-uwf99Mrg1yLshl0kSIfOzY_Y7eacjW30r8Z2DokkUv-dVtKAFpta6-9qtMzEUM5BJQoDi_j3yGSx3sU1LoS7qipBFDaSfCW0I4amJPiyICR0u696UI_7cKuqo6K-zrWqGw42zj15kO1VyVY6JNZRBnpTN6T1Vn1BU-EfSDhHf6MdUiIBYcXY5bjIVqL9kByBPc_M971dhQ-8pV6Ule8O32Ahq_vS6V6PvrUnIFxanczI0SxPtw4k5clI_mYqoRA07rK4S8d_kNRh4sch6TiZPdz4GFiQveW742h-cFr6yxs9QNSyk_9xosWXJj6q3MR3WZZ82ykliB7AZXP4SEgU8yPbBE0TXpLWl-uqpSROVjHKwOZAZ6E9_kIOkPiLj84MEfeHxDs7Drmc-lWSEeHfhzyjGnuwISXJU-zs0dmkTcrterUwUWjnY7svfmbElxLZdTRgof0CSaGOxk_a8RkkklR4olfODZ3FLgn8Fqt4oL_sgImQI39nnv8Pc21bFPgG3JmVNEt4qOpYPjsGBj9WoB-cBZWIHD3nJ52yMQjKIppKTDGa2yjw9y53X2yf99o-8ukWUxVyu1e4CQlMvPzCXh6DGmnwm6o8DDTiK-bxvEDq-lIRL1D2xYavKNw2O6_jRm87fCqUFfrB4pYKnqWWP8rJJqMwWMOGqTHkSuF4h9g6Z2Kqyqho_UjaJZQWIN50AL7_5MOTwn8stqRtZkcZdNg_Y9R42HR8OEJz2FvS79CbS_BHrqw0cS-uhaNLtQVNjmPB50vR-oE3C42hBDZzq-8WLgN1o1jn8EeYE75N2BkT5t_VdHkrIYpHAPwPG6WxdDj5NLeF5HRbPlST8hiZdqMhXlNtbobqOR44_tM-m-_CBPedoSbp7sMONAM4MNPjU-vX-a5fcT2YWiHZ0LnrvVBdIN6wddZAKvju0HksT9AkgSND5D7v5iuSzKTzgBGwObwfOA3yOxeG7InvCSE4nqE_O8umPA3tYWLcOfLUiu_4ZAzoJEl0zRN9MvP7qHHEhSxldzbErq42_-C2mhhky0FYW5V6WA9HFE53exhT_GMSFzmwvPY5ctld8RhZqnIM539oCq_zb69uFxNmxSw1Y325mA0dGl25JfZMzB8FRq312RNyqQBTZLrNOTHZYYjvRIQDRRq8jQtN10BWbJPbYn4PrXiEkCGna1ZPydpKyhmVzGgyPFsaekNr5r5hy2PASnliAG4vdNBfs1ZPYiQ94TkLdjtTyHr-v-75CfpnPJPMsIN6249MLysYSSgC1V5dOEsxAHdbRlBBhwHcs0oyFFcgxtZS9n4z9rcNnk-xvVvNsFpXQ8x&ext_cid=224906&px_id=73560190&min_cpm=0.0034945246943458496&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=7700844236672991902&skin_id=72&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.03162566010952003&cpm=0.021892081860232598&verify_hash=fb0fa17e9e39ca6038cae4ad627f5261&is_native=1&real_bid=0.02170381003139515&original_bid_usd=0.0319&original_bid=0.0319&exp=14
40&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,90,33,5,98&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=1715307520&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777184%2Fconversions%2FQ5MjCrOM-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-3-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.04&cpa=3c5a2aa4-7bfd-4571-a918-7853d5d5fb8e&prev_step_diff=956 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=d&site_id=31560190&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D187592aa4e&refdom=www.amdahost.com&auction_time=1715134720&subid=1211831614&sid=1106004102&tcid=0&ver=8.159.0&ver_c=&spot_id=560190&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=6241671574567358293&score=36.73906512521945&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1211831614%26spot_id%3D560190%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D187592aa4e%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=5fcbc33c86bbc49c561fd8fb36a2149b&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3D7Y7qwpcNrK1fUFAlBmzVwIHKLQo18187a2yqgrIVFPUuuUG_e3FHnHpqagbV4ntJGglbRbjcmYs5tT70zebKil7JOaZf20s7YgLHlgcURv5E9AOMCdImfIGJ_1fuF2F1m6zocebj9YoBIsuxgnMiojSyRiSO5i1lVqLRAbeKKbsWYXKg6BnKDLmuF5D2WQwJZlj-3L0RTGOrz0PpeUUJLvEiCdNwPzYZogWJCvzWGfWnXXtL-6kwoFcO2_6dSBDBRrFwBV1jgQNZ25uGQ5juWMgiYX2XlyOj5Qd1SGmI_Aw5Xt0YfhJogEQy-3dMbSzau9r4Gjm9d24KY1bTnwS6jmJOu8AItRHcPm0WK14pdkj4cI_UCQrzf8R-ceRVM2jQBOKM8wSF02dxXFUHa6CTH4r_pP7XEzW9lyNx6HwuvulQ_fyI5phcANkXbG-F9zE00imvC5LRp5HUMQVrgeqGgkVg6s43MJqC73zILZLXv_wv4miD0jPl6dX91Wbah4jGGWSHMfQHH84-eRN4RZBbOQSy3x2No_rfuUVLc1LERLZbEeCwRRSaGt4kzkKnneiDjHjlKAjt457NqPVGnyUPH_I8NhzjEAYiozqe4vVdBrFxlcIhR-2E5L-MUWZD0S1MT0QKvP5uMiWjp6HajR2qAmLI1B7WH580kt0Z6ZDxQs_t9FTWL8PkSJUeeaKbthSbaWO6geTouN9qTfTMBlgtlIE9HBXYkbWVTgDmg4Sty-WTiks4MUhVl7N2gx796ruuk44RBbSo6Efi8fnfHwG70DBS39WvA5DXu7Tzk1FpdYGmivWVTZmbn4iUEsk-0m_8nSWTlE0Tx-rJ3UoBVmH7MVxrifb0sGe5Br_vaKJ_aYzHqLJiwqy9XPdtxTXSM3JbxHQ8ceBnmjtmlUQg3B3M353uIeETrMLTmhuj9npEH0GAklMP81ZLA8titAlowTVYLVuaFWK7aZuelUKram0EvP4Uj9HbZnTNR-DhJ0ftdL0Qbd1LdBVOlqOHSXS7j1BKxSXMElqUzyEZd3nlZvnykTN8Ya_Dopy3OnB1DtRq42hM3XYKvVGZDT_WCiiWVzAj0
WWaXsRwr9_x8WlWBXgMgODRqmAb5kfxTwRaO0uZHl9S7bSvx8-j85BrUoNnfzECDvjMTRx2kq1XV9kZzEPaUhhfL_8NX_rKArzr8dKKxRyQAuiPKjXcSPcaGesAWEipNLtlCnpw4oXTa8dD2hPEMCxfVQrpHIYVQOqaCEkr4Adq51GgBZ1ux8LcBuv8bCiW8YRFsYovr_0cK8mxfKAY75--oomY22H2E5Ll3wELHUplg1iz%26bid%3D0.021892081860232598&icons=-uwf99Mrg1yLshl0kSIfOzY_Y7eacjW30r8Z2DokkUv-dVtKAFpta6-9qtMzEUM5BJQoDi_j3yGSx3sU1LoS7qipBFDaSfCW0I4amJPiyICR0u696UI_7cKuqo6K-zrWqGw42zj15kO1VyVY6JNZRBnpTN6T1Vn1BU-EfSDhHf6MdUiIBYcXY5bjIVqL9kByBPc_M971dhQ-8pV6Ule8O32Ahq_vS6V6PvrUnIFxanczI0SxPtw4k5clI_mYqoRA07rK4S8d_kNRh4sch6TiZPdz4GFiQveW742h-cFr6yxs9QNSyk_9xosWXJj6q3MR3WZZ82ykliB7AZXP4SEgU8yPbBE0TXpLWl-uqpSROVjHKwOZAZ6E9_kIOkPiLj84MEfeHxDs7Drmc-lWSEeHfhzyjGnuwISXJU-zs0dmkTcrterUwUWjnY7svfmbElxLZdTRgof0CSaGOxk_a8RkkklR4olfODZ3FLgn8Fqt4oL_sgImQI39nnv8Pc21bFPgG3JmVNEt4qOpYPjsGBj9WoB-cBZWIHD3nJ52yMQjKIppKTDGa2yjw9y53X2yf99o-8ukWUxVyu1e4CQlMvPzCXh6DGmnwm6o8DDTiK-bxvEDq-lIRL1D2xYavKNw2O6_jRm87fCqUFfrB4pYKnqWWP8rJJqMwWMOGqTHkSuF4h9g6Z2Kqyqho_UjaJZQWIN50AL7_5MOTwn8stqRtZkcZdNg_Y9R42HR8OEJz2FvS79CbS_BHrqw0cS-uhaNLtQVNjmPB50vR-oE3C42hBDZzq-8WLgN1o1jn8EeYE75N2BkT5t_VdHkrIYpHAPwPG6WxdDj5NLeF5HRbPlST8hiZdqMhXlNtbobqOR44_tM-m-_CBPedoSbp7sMONAM4MNPjU-vX-a5fcT2YWiHZ0LnrvVBdIN6wddZAKvju0HksT9AkgSND5D7v5iuSzKTzgBGwObwfOA3yOxeG7InvCSE4nqE_O8umPA3tYWLcOfLUiu_4ZAzoJEl0zRN9MvP7qHHEhSxldzbErq42_-C2mhhky0FYW5V6WA9HFE53exhT_GMSFzmwvPY5ctld8RhZqnIM539oCq_zb69uFxNmxSw1Y325mA0dGl25JfZMzB8FRq312RNyqQBTZLrNOTHZYYjvRIQDRRq8jQtN10BWbJPbYn4PrXiEkCGna1ZPydpKyhmVzGgyPFsaekNr5r5hy2PASnliAG4vdNBfs1ZPYiQ94TkLdjtTyHr-v-75CfpnPJPMsIN6249MLysYSSgC1V5dOEsxAHdbRlBBhwHcs0oyFFcgxtZS9n4z9rcNnk-xvVvNsFpXQ8x&ext_cid=224906&px_id=73560190&min_cpm=0.0034945246943458496&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=7700844236672991902&skin_id=72&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.03162566010952003&cpm=0.021892081860232598&verify_hash=fb0fa17e9e39ca6038cae4ad627f5261&is_native=1&real_bid=0.02170381003139515&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0
&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,90,33,5,98&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=1715307520&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777184%2Fconversions%2FQ5MjCrOM-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-3-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.04&cpa=3c5a2aa4-7bfd-4571-a918-7853d5d5fb8e&prev_step_diff=956 HTTP/1.1
Host: mbdippex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 08 May 2024 02:18:41 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| nereserv.com/in/dip?event_id=106947eb-d314-4ecd-8a67-4918dfc5c7b8&subid=308553955&spot_id=529502&created_at=2024-05-08&timezone=0&ver=1.141.0 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/2nereserv.com/in/dip?event_id=106947eb-d314-4ecd-8a67-4918dfc5c7b8&subid=308553955&spot_id=529502&created_at=2024-05-08&timezone=0&ver=1.141.0 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?event_id=106947eb-d314-4ecd-8a67-4918dfc5c7b8&subid=308553955&spot_id=529502&created_at=2024-05-08&timezone=0&ver=1.141.0 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 08 May 2024 02:18:41 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 1202bb3601.29972123f3.com/85e8405e316bc191fffad51abaff7a3c.js | 45.133.44.53 | 200 OK | 94 kB |
URL GET HTTP/21202bb3601.29972123f3.com/85e8405e316bc191fffad51abaff7a3c.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerLet's Encrypt Subject1202bb3601.29972123f3.com Fingerprint75:6B:15:49:55:01:42:44:F7:47:B8:56:B1:92:DE:3D:8F:41:D0:21 ValiditySun, 05 May 2024 02:20:34 GMT - Sat, 03 Aug 2024 02:20:33 GMT
File typegzip compressed data, from Unix Hash9c7b324ae34b73faf0d4117947050906 fdf919741053c959917d4797918484b77b056515 cc164d8550575c5f3130f8f2fc9fdc9acc865f7c75ecdb1c2d3c348f6af6e5bd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /85e8405e316bc191fffad51abaff7a3c.js HTTP/1.1
Host: 1202bb3601.29972123f3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:39 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 25 Apr 2024 13:18:02 GMT
etag: W/"662a580a-29278"
content-encoding: gzip
expires: Wed, 08 May 2024 02:23:39 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| nereserv.com/in/dip?event_id=3a83e3ea-1722-419d-977d-007d961d0b35&subid=14364679&spot_id=560192&created_at=2024-05-08&timezone=0&ver=1.141.0 | 94.130.198.6 | 200 OK | 0 B |
URL GET HTTP/2nereserv.com/in/dip?event_id=3a83e3ea-1722-419d-977d-007d961d0b35&subid=14364679&spot_id=560192&created_at=2024-05-08&timezone=0&ver=1.141.0 IP94.130.198.6:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?event_id=3a83e3ea-1722-419d-977d-007d961d0b35&subid=14364679&spot_id=560192&created_at=2024-05-08&timezone=0&ver=1.141.0 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 08 May 2024 02:18:41 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwOqU8UXlId-xkCofNUnDJfUQJFmg1sYkxkKCJKDx-PbkVLIeuq7mfXpjFPPPBog6KpiqLb&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S553679467%3A1715134720999972&theme=mn&ddm=0 | 64.233.165.84 | 403 Forbidden | 1.9 kB |
URL GET HTTP/3accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwOqU8UXlId-xkCofNUnDJfUQJFmg1sYkxkKCJKDx-PbkVLIeuq7mfXpjFPPPBog6KpiqLb&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S553679467%3A1715134720999972&theme=mn&ddm=0 IP64.233.165.84:443
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerGoogle Trust Services Subject*.google.com Fingerprint9F:A1:53:E4:09:E1:ED:82:F8:E0:30:B6:39:FA:EC:03:B4:89:46:8A ValidityTue, 16 Apr 2024 03:19:40 GMT - Tue, 09 Jul 2024 03:19:39 GMT
File typegzip compressed data, max compression Hash54d2f73842d912115b19516f111c27e5 3fe404c46fd2cddff1e11559d0efcce413670b83 4b2a5c29dfabd86d4e2c63713e0117067079fe9840cc014bb3b6f4c5e94b4c53
GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwOqU8UXlId-xkCofNUnDJfUQJFmg1sYkxkKCJKDx-PbkVLIeuq7mfXpjFPPPBog6KpiqLb&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S553679467%3A1715134720999972&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 02:18:41 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-t5hfy12y625OVHuzow-acA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp | 45.133.44.24 | 200 OK | 4.6 kB |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp IP45.133.44.24:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp Hash5117b911fc2a299c2612d4b01e5688e6 401246f0319067904d5ed7175f619d5763e7e6bb 361540ac8047f9e65b9db4966125eb66d084de3057b5e1c48942c0e1aebe2a44
GET /creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:41 GMT
content-type: image/webp
content-length: 4616
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1208"
expires: Thu, 08 May 2025 02:18:41 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| p.a64x.com/in/tip_shows/?katds_ep=rFS-E1eKaZNuNM9LsCmaphew7JK8bQl6j2WOtT-AGcWbPih9A679QSC2DyZ9G0KAfWUK6yuKCmDeL4Xqram8T3SbOioRB8Hb4Uw9MD5s91XmEHBd7c5mO4gHlyuUaxWaVss8nqpHXO_J9ZWBoL4FCj-eFnyDbu3OOMOpng67U0BI9zcQIn4K0SOhCGrlrHP2GAdh8qfRPtd3ij9ZFgTMWQYMYVzfk8w0h4JU8qKcq8MSQcMyec2AbvJGwcA33qvipQ14069hBFmHPS65CMl8lx7KhRA0xTsJC8T7Gy6WPHCDdbyc_DcMnkH0qNkskX59z7eHscydYy69GQYmB7HLuQ7ladnAT0Dk24QrWGWOciBsILqiSojRf4afv5iqbRSgRzjk5TZfZNE_CriCTEoI1hRmd0EOqi8TtbavP5RI5AJcQpG3N10d9PFgtw-Jvn3duRxNRtd-zbC4vUx0TC6yuhA4kNNbyMTlZARrs7DwdNY8yTX0c_SpAoxer6-gRdeLHcsB6V0kx0zogcKY23tqqZBKxVnBFjIQUdzttSW31ayRp9_mjP3Wexhu9KFYRHpKm0HcsKbI9SWTFhDr2DylteZrMT2CDP3SsJPxGYVNwxh-rO1ohbg0wjyQ4Yq7a9FyFES6b5NRr2l6z2QtAEFcI1bVGBJkLublTgzSffbaXK7Y7joVIJ134KlJaYSyjmiTG8vRZZpx8TkyIWZhQ_onx9MkcmyLOE6addGPaRCfFZL9f3JNliLOdlcI8keHLCtiRBcty8aEuVMkzbZU1lciIBRQrk4fC9L2v3aurfXMKP74AE7uhq91QgayDIpf7d7bn4mRt6cOYgeELVUHdQ_rGmKFYkgeRTBJNOQoMVFaDiYCSEIFCtmsn6rSZ10z&bid=0.021892081860232598&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.04&cpa=bf18a7c8-ac90-4154-97b0-33a67dae5a80&prev_step_diff=956 | 172.67.185.171 | 302 Found | 0 B |
URL GET HTTP/2p.a64x.com/in/tip_shows/?katds_ep=rFS-E1eKaZNuNM9LsCmaphew7JK8bQl6j2WOtT-AGcWbPih9A679QSC2DyZ9G0KAfWUK6yuKCmDeL4Xqram8T3SbOioRB8Hb4Uw9MD5s91XmEHBd7c5mO4gHlyuUaxWaVss8nqpHXO_J9ZWBoL4FCj-eFnyDbu3OOMOpng67U0BI9zcQIn4K0SOhCGrlrHP2GAdh8qfRPtd3ij9ZFgTMWQYMYVzfk8w0h4JU8qKcq8MSQcMyec2AbvJGwcA33qvipQ14069hBFmHPS65CMl8lx7KhRA0xTsJC8T7Gy6WPHCDdbyc_DcMnkH0qNkskX59z7eHscydYy69GQYmB7HLuQ7ladnAT0Dk24QrWGWOciBsILqiSojRf4afv5iqbRSgRzjk5TZfZNE_CriCTEoI1hRmd0EOqi8TtbavP5RI5AJcQpG3N10d9PFgtw-Jvn3duRxNRtd-zbC4vUx0TC6yuhA4kNNbyMTlZARrs7DwdNY8yTX0c_SpAoxer6-gRdeLHcsB6V0kx0zogcKY23tqqZBKxVnBFjIQUdzttSW31ayRp9_mjP3Wexhu9KFYRHpKm0HcsKbI9SWTFhDr2DylteZrMT2CDP3SsJPxGYVNwxh-rO1ohbg0wjyQ4Yq7a9FyFES6b5NRr2l6z2QtAEFcI1bVGBJkLublTgzSffbaXK7Y7joVIJ134KlJaYSyjmiTG8vRZZpx8TkyIWZhQ_onx9MkcmyLOE6addGPaRCfFZL9f3JNliLOdlcI8keHLCtiRBcty8aEuVMkzbZU1lciIBRQrk4fC9L2v3aurfXMKP74AE7uhq91QgayDIpf7d7bn4mRt6cOYgeELVUHdQ_rGmKFYkgeRTBJNOQoMVFaDiYCSEIFCtmsn6rSZ10z&bid=0.021892081860232598&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.04&cpa=bf18a7c8-ac90-4154-97b0-33a67dae5a80&prev_step_diff=956 IP172.67.185.171:443
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerGoogle Trust Services LLC Subjecta64x.com Fingerprint86:FD:2B:DD:CC:BD:8D:ED:C0:8D:41:81:C1:48:2D:45:D6:4F:67:88 ValidityTue, 19 Mar 2024 14:58:28 GMT - Mon, 17 Jun 2024 14:58:27 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/tip_shows/?katds_ep=rFS-E1eKaZNuNM9LsCmaphew7JK8bQl6j2WOtT-AGcWbPih9A679QSC2DyZ9G0KAfWUK6yuKCmDeL4Xqram8T3SbOioRB8Hb4Uw9MD5s91XmEHBd7c5mO4gHlyuUaxWaVss8nqpHXO_J9ZWBoL4FCj-eFnyDbu3OOMOpng67U0BI9zcQIn4K0SOhCGrlrHP2GAdh8qfRPtd3ij9ZFgTMWQYMYVzfk8w0h4JU8qKcq8MSQcMyec2AbvJGwcA33qvipQ14069hBFmHPS65CMl8lx7KhRA0xTsJC8T7Gy6WPHCDdbyc_DcMnkH0qNkskX59z7eHscydYy69GQYmB7HLuQ7ladnAT0Dk24QrWGWOciBsILqiSojRf4afv5iqbRSgRzjk5TZfZNE_CriCTEoI1hRmd0EOqi8TtbavP5RI5AJcQpG3N10d9PFgtw-Jvn3duRxNRtd-zbC4vUx0TC6yuhA4kNNbyMTlZARrs7DwdNY8yTX0c_SpAoxer6-gRdeLHcsB6V0kx0zogcKY23tqqZBKxVnBFjIQUdzttSW31ayRp9_mjP3Wexhu9KFYRHpKm0HcsKbI9SWTFhDr2DylteZrMT2CDP3SsJPxGYVNwxh-rO1ohbg0wjyQ4Yq7a9FyFES6b5NRr2l6z2QtAEFcI1bVGBJkLublTgzSffbaXK7Y7joVIJ134KlJaYSyjmiTG8vRZZpx8TkyIWZhQ_onx9MkcmyLOE6addGPaRCfFZL9f3JNliLOdlcI8keHLCtiRBcty8aEuVMkzbZU1lciIBRQrk4fC9L2v3aurfXMKP74AE7uhq91QgayDIpf7d7bn4mRt6cOYgeELVUHdQ_rGmKFYkgeRTBJNOQoMVFaDiYCSEIFCtmsn6rSZ10z&bid=0.021892081860232598&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.04&cpa=bf18a7c8-ac90-4154-97b0-33a67dae5a80&prev_step_diff=956 HTTP/1.1
Host: p.a64x.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 08 May 2024 02:18:41 GMT
content-type: application/json
content-length: 0
location: https://imdn.pics/m/p/0/777/777181/conversions/PguV688J-minify.jpg
access-control-allow-credentials: true
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mF63LihNLbVD26%2FTkGuO1vVRo5dwkZBdiAdmbYAP02Wvw0hItWDAoB4RK8NdbNxDMEjNsiVg1b0Ju1cjBfn%2BNhyK1mOrl01oprShmaUWEu%2BDXu6xEk%2BY%2BBtI2r%2Fy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5e888c80b31-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| imdn.pics/m/p/0/777/777184/conversions/Q5MjCrOM-minify.jpg | 45.133.44.25 | 200 OK | 11 kB |
URL GET HTTP/2imdn.pics/m/p/0/777/777184/conversions/Q5MjCrOM-minify.jpg IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerLet's Encrypt Subjectimdn.pics Fingerprint1B:F0:2A:16:F2:A2:CB:23:EA:4E:5D:DE:96:E2:AF:CC:A0:41:03:E5 ValidityTue, 12 Mar 2024 03:00:56 GMT - Mon, 10 Jun 2024 03:00:55 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 360x240, components 3 Hash7a0f4319e0c7d4e0ec42eae657ba39fd e2940c23868c5975a1dc1a3c963609b34abbe6b5 6c0278ead1dce8c37b6b233d5251184cd820586eeb5d30db860c1c7315d5dba0
GET /m/p/0/777/777184/conversions/Q5MjCrOM-minify.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:41 GMT
content-type: image/jpeg
content-length: 11228
server: nginx
last-modified: Tue, 09 Apr 2024 19:56:57 GMT
etag: "66159d89-2bdc"
x-request-id: 13aea49745d30295dcee0faf2bf8a0c1
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| imdn.pics/m/p/0/777/777181/conversions/PguV688J-minify.jpg | 45.133.44.25 | 200 OK | 2.5 kB |
URL GET HTTP/2imdn.pics/m/p/0/777/777181/conversions/PguV688J-minify.jpg IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerLet's Encrypt Subjectimdn.pics Fingerprint1B:F0:2A:16:F2:A2:CB:23:EA:4E:5D:DE:96:E2:AF:CC:A0:41:03:E5 ValidityTue, 12 Mar 2024 03:00:56 GMT - Mon, 10 Jun 2024 03:00:55 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 100x100, components 3 Hash9eb726ecf5e85e3b48f854490ff8284a d08b4f022e64d06f2642c5c9217d35b7851516d5 30bd73405bb72856107c9e940bece489b670970c3d2e4d6b592cc138a67a3c05
GET /m/p/0/777/777181/conversions/PguV688J-minify.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:41 GMT
content-type: image/jpeg
content-length: 2460
server: nginx
last-modified: Tue, 09 Apr 2024 19:56:49 GMT
etag: "66159d81-99c"
x-request-id: 064bc710493213dae1825c3b2f5e7289
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/get/ | 94.130.197.240 | 200 OK | 6.4 kB |
IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hashba4b3da9df4ac55d9f0e6bbf1e79858f 6be711eaeb6264b05d15e07d34aeb5aad5dfaab6 5e408dee80c9629cf9d35cbbdc5683c21c7dcd22229f1c10e83bc15303671888
POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1406
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.16.0
date: Wed, 08 May 2024 02:18:42 GMT
content-type: application/json
content-length: 6415
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/get/ | 94.130.197.240 | 200 OK | 6.4 kB |
IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hash30f5ebb8ec3f44ed90e9585d45c0c10e b1dc1855a23cae442c4b79f2fa950b6ce1b7025a cb1931540b9da2b7c28096e4cdd070ba0e508327545c4e45a44fba3223b40bc6
POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1405
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.16.0
date: Wed, 08 May 2024 02:18:42 GMT
content-type: application/json
content-length: 6405
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| pyknrhm5c.com/chicken.gif?z=2025683&pb=847000ae4dd4555064e1fbaaf71879a51715141918&psp=9W819F0vS8jTRZjnpuRoBUkAWpiECsRsBjgelS_BYXb2haCD4wQp74a4eD-gHvsmQIoa_OfyFhOjUAM5obnmmBwAfTdcilSFzX_yD57O2xFFuxea1ovW_6iZ9BI822nDTqirrz6RFwumJMwx9l0YaV9qb03JhdrPv3z-41iNXvOVY8nK39-RbBu7Et2yODRDYgNTjdzVu2SOEunLTeeIpvqiUWUW4l-C6s-DHrm3zIq2XDxlrxratvYJFK7P7jK80f4o1GrzAGmft0E4Hkz91tgXeMF-k_3WU2izeA9-zlYkoEKhhUoUAuavDRQtMeqkc4tyA2EYptYmJic_raHlUTjojhNd7lae5Bktcb3p83YpPVhzoFBmumARudhRrQVZolb6-yQQDi1oLTJlUEjqGLBnOYR3BfLTALslXHu9L8i9pao5AqeB_FafIUzSb5hU9F0VeeYS3W3YS5TnQ0vgGt1RT9aUce9ZaL6cL9vICWpfJMhnLo19oaQ9Lh-ggypTAGr9o8WibDViQbMVLxFM5jaecOFWBglYN98w1zIgGBcLdV0LIhSqi3RLltT-ZwZWv2lYapMepRyG5oWLvFnx3BI7SAH1-Sag4I6S86LVXTTTtsL6jtC2Du91IGNaCyXSPh_2UMDdnUhxsWFMKm3Y8i05krCmbJzXqZfgA12ak3GNyEi-N3i9g9aBfrw1_EU=&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178952649713664&eclog=0&im=1&_=0.29827417613375407 | 212.117.190.201 | 200 OK | 43 B |
URL GET HTTP/2pyknrhm5c.com/chicken.gif?z=2025683&pb=847000ae4dd4555064e1fbaaf71879a51715141918&psp=9W819F0vS8jTRZjnpuRoBUkAWpiECsRsBjgelS_BYXb2haCD4wQp74a4eD-gHvsmQIoa_OfyFhOjUAM5obnmmBwAfTdcilSFzX_yD57O2xFFuxea1ovW_6iZ9BI822nDTqirrz6RFwumJMwx9l0YaV9qb03JhdrPv3z-41iNXvOVY8nK39-RbBu7Et2yODRDYgNTjdzVu2SOEunLTeeIpvqiUWUW4l-C6s-DHrm3zIq2XDxlrxratvYJFK7P7jK80f4o1GrzAGmft0E4Hkz91tgXeMF-k_3WU2izeA9-zlYkoEKhhUoUAuavDRQtMeqkc4tyA2EYptYmJic_raHlUTjojhNd7lae5Bktcb3p83YpPVhzoFBmumARudhRrQVZolb6-yQQDi1oLTJlUEjqGLBnOYR3BfLTALslXHu9L8i9pao5AqeB_FafIUzSb5hU9F0VeeYS3W3YS5TnQ0vgGt1RT9aUce9ZaL6cL9vICWpfJMhnLo19oaQ9Lh-ggypTAGr9o8WibDViQbMVLxFM5jaecOFWBglYN98w1zIgGBcLdV0LIhSqi3RLltT-ZwZWv2lYapMepRyG5oWLvFnx3BI7SAH1-Sag4I6S86LVXTTTtsL6jtC2Du91IGNaCyXSPh_2UMDdnUhxsWFMKm3Y8i05krCmbJzXqZfgA12ak3GNyEi-N3i9g9aBfrw1_EU=&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178952649713664&eclog=0&im=1&_=0.29827417613375407 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch.php?id=187592aa4e CertificateIssuerBuypass AS-983163327 Subject Fingerprint8C:0B:00:37:E9:46:0D:D7:64:26:AF:BD:4B:AC:9D:E3:CA:27:CD:87 ValidityFri, 03 May 2024 21:32:33 GMT - Tue, 29 Oct 2024 22:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=2025683&pb=847000ae4dd4555064e1fbaaf71879a51715141918&psp=9W819F0vS8jTRZjnpuRoBUkAWpiECsRsBjgelS_BYXb2haCD4wQp74a4eD-gHvsmQIoa_OfyFhOjUAM5obnmmBwAfTdcilSFzX_yD57O2xFFuxea1ovW_6iZ9BI822nDTqirrz6RFwumJMwx9l0YaV9qb03JhdrPv3z-41iNXvOVY8nK39-RbBu7Et2yODRDYgNTjdzVu2SOEunLTeeIpvqiUWUW4l-C6s-DHrm3zIq2XDxlrxratvYJFK7P7jK80f4o1GrzAGmft0E4Hkz91tgXeMF-k_3WU2izeA9-zlYkoEKhhUoUAuavDRQtMeqkc4tyA2EYptYmJic_raHlUTjojhNd7lae5Bktcb3p83YpPVhzoFBmumARudhRrQVZolb6-yQQDi1oLTJlUEjqGLBnOYR3BfLTALslXHu9L8i9pao5AqeB_FafIUzSb5hU9F0VeeYS3W3YS5TnQ0vgGt1RT9aUce9ZaL6cL9vICWpfJMhnLo19oaQ9Lh-ggypTAGr9o8WibDViQbMVLxFM5jaecOFWBglYN98w1zIgGBcLdV0LIhSqi3RLltT-ZwZWv2lYapMepRyG5oWLvFnx3BI7SAH1-Sag4I6S86LVXTTTtsL6jtC2Du91IGNaCyXSPh_2UMDdnUhxsWFMKm3Y8i05krCmbJzXqZfgA12ak3GNyEi-N3i9g9aBfrw1_EU=&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178952649713664&eclog=0&im=1&_=0.29827417613375407 HTTP/1.1
Host: pyknrhm5c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: UID=2405072118000053db443f499f930442954b; CHCK=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:18:44 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| nereserv.com/in/dip?site=native-push&wl=1&event_id=d5e2801a-869d-4601-a8d8-4ece9e95a205&subid=1511354673&sid=4045716304&spot_id=529500&created_at=2024-05-08&timezone=0&ver=8.159.0&is_native=1 | 94.130.198.6 | 200 OK | 0 B |
URL: GET HTTP/2 nereserv.com/in/dip?site=native-push&wl=1&event_id=d5e2801a-869d-4601-a8d8-4ece9e95a205&subid=1511354673&sid=4045716304&spot_id=529500&created_at=2024-05-08&timezone=0&ver=8.159.0&is_native=1 | IP: 94.130.198.6:443 | ASN: #24940 Hetzner Online GmbH
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e | Certificate Issuer: Let's Encrypt | Subject: notification.tubecup.net | Fingerprint: 04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 | Validity: Thu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=d5e2801a-869d-4601-a8d8-4ece9e95a205&subid=1511354673&sid=4045716304&spot_id=529500&created_at=2024-05-08&timezone=0&ver=8.159.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 08 May 2024 02:18:45 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 1e7942d985.fff2788093.com/in/multy | 168.119.25.102 | 204 No Content | 0 B |
URL: OPTIONS HTTP/2 1e7942d985.fff2788093.com/in/multy | IP: 168.119.25.102:443 | ASN: #24940 Hetzner Online GmbH
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e | Certificate Issuer: Let's Encrypt | Subject: fff2788093.com | Fingerprint: 81:F0:97:8F:8A:B3:D7:C6:23:C1:FC:F8:5A:A0:2A:EB:73:8A:C7:10 | Validity: Mon, 06 May 2024 12:38:51 GMT - Sun, 04 Aug 2024 12:38:50 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
OPTIONS /in/multy HTTP/1.1
Host: 1e7942d985.fff2788093.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.18.0
date: Wed, 08 May 2024 02:18:45 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 1e7942d985.fff2788093.com/in/multy | 168.119.25.102 | 204 No Content | 5.8 kB |
URL: OPTIONS HTTP/2 1e7942d985.fff2788093.com/in/multy | IP: 168.119.25.102:443 | ASN: #24940 Hetzner Online GmbH
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e | Certificate Issuer: Let's Encrypt | Subject: fff2788093.com | Fingerprint: 81:F0:97:8F:8A:B3:D7:C6:23:C1:FC:F8:5A:A0:2A:EB:73:8A:C7:10 | Validity: Mon, 06 May 2024 12:38:51 GMT - Sun, 04 Aug 2024 12:38:50 GMT
Hash: 5d69fcacc45250d97906462ef3ec385d ac79be1e561b60d304bb4366f762f94b2d28adc0 41facb42254b84e35dfcc669bc2547858b52baf4d5685bb646c0161c8e0e99ac
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /in/multy HTTP/1.1
Host: 1e7942d985.fff2788093.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2387
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 08 May 2024 02:18:45 GMT
content-type: application/json
content-length: 5787
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans | 142.250.74.106 | 200 OK | 2.6 kB |
URL: GET HTTP/3 fonts.googleapis.com/css?family=Open+Sans | IP: 142.250.74.106:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e | Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 | Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: gzip compressed data, max compression | Hash: 5b1265598a20929744e3fa10551359c9 d17db7df8b67e3646101d510a837284b153c0182 a667a94c8b6494c5437dc58127ae92f6486c60a5d90e010d14565ef9679ab693
GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 02:18:44 GMT
date: Wed, 08 May 2024 02:18:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 1e7942d985.fff2788093.com/in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D187592aa4e&refdom=www.amdahost.com&auction_time=1715134725&subid=1511354673&sid=4045716304&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=9474243627012240951&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D187592aa4e%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=08b734bd08ce908bdc1a036c541a910d&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D187592aa4e%26idzone%3D0%26sid%3D1886&icons=j7uc4RvGqO13Hjd20FAdNQ7WSahoBzEndffPbszqhGY3pzb_KOyCbhCIeKU2jNFf-yXs1Q85pLu9-hqky2FI2g0AGqZNWbxM4XSurNQW1NXgH_E5wUbsic77EhQzC6S6v_ngXxpM0srycSepZM2sJdWktskl7AoQWMbiAq1_e4UOW1dtvQ&ext_cid=0&px_id=529500&min_cpm=0.09329738022515253&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=558294707596832439&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.01690861968759447&cpm=0&verify_hash=98e7fa1da1fe94457e029c74e9cda75f&is_native=4&real_bid=0.00048587458372000106&original_bid_usd=0.00268093&original_bid=0.00268093&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=129,108,0,114,4,5,27&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=2&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_5
0dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp&site=native-push-adult&price=0.00268093&hostname=auc-inpage-hz-12-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000026809300000000004&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=d821c327-ba2e-40db-8db6-ebd65b060107&prev_step_diff=744 | 168.119.25.102 | 200 OK | 0 B |
URL GET HTTP/21e7942d985.fff2788093.com/in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D187592aa4e&refdom=www.amdahost.com&auction_time=1715134725&subid=1511354673&sid=4045716304&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=9474243627012240951&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D187592aa4e%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=08b734bd08ce908bdc1a036c541a910d&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D187592aa4e%26idzone%3D0%26sid%3D1886&icons=j7uc4RvGqO13Hjd20FAdNQ7WSahoBzEndffPbszqhGY3pzb_KOyCbhCIeKU2jNFf-yXs1Q85pLu9-hqky2FI2g0AGqZNWbxM4XSurNQW1NXgH_E5wUbsic77EhQzC6S6v_ngXxpM0srycSepZM2sJdWktskl7AoQWMbiAq1_e4UOW1dtvQ&ext_cid=0&px_id=529500&min_cpm=0.09329738022515253&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=558294707596832439&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.01690861968759447&cpm=0&verify_hash=98e7fa1da1fe94457e029c74e9cda75f&is_native=4&real_bid=0.00048587458372000106&original_bid_usd=0.00268093&original_bid=0.00268093&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=129,108,0,114,4,5,27&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=2&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives
%2FSG%2FSG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp&site=native-push-adult&price=0.00268093&hostname=auc-inpage-hz-12-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000026809300000000004&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=d821c327-ba2e-40db-8db6-ebd65b060107&prev_step_diff=744 IP168.119.25.102:443 ASN#24940 Hetzner Online GmbH
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e | Certificate Issuer: Let's Encrypt | Subject: fff2788093.com | Fingerprint: 81:F0:97:8F:8A:B3:D7:C6:23:C1:FC:F8:5A:A0:2A:EB:73:8A:C7:10 | Validity: Mon, 06 May 2024 12:38:51 GMT - Sun, 04 Aug 2024 12:38:50 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D187592aa4e&refdom=www.amdahost.com&auction_time=1715134725&subid=1511354673&sid=4045716304&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=9474243627012240951&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D187592aa4e%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=08b734bd08ce908bdc1a036c541a910d&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D187592aa4e%26idzone%3D0%26sid%3D1886&icons=j7uc4RvGqO13Hjd20FAdNQ7WSahoBzEndffPbszqhGY3pzb_KOyCbhCIeKU2jNFf-yXs1Q85pLu9-hqky2FI2g0AGqZNWbxM4XSurNQW1NXgH_E5wUbsic77EhQzC6S6v_ngXxpM0srycSepZM2sJdWktskl7AoQWMbiAq1_e4UOW1dtvQ&ext_cid=0&px_id=529500&min_cpm=0.09329738022515253&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=558294707596832439&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.01690861968759447&cpm=0&verify_hash=98e7fa1da1fe94457e029c74e9cda75f&is_native=4&real_bid=0.00048587458372000106&original_bid_usd=0.00268093&original_bid=0.00268093&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=129,108,0,114,4,5,27&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=2&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_50dbf0cae89fd14f34b6cb7b
8301e683e25e0adf.webp&site=native-push-adult&price=0.00268093&hostname=auc-inpage-hz-12-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000026809300000000004&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=d821c327-ba2e-40db-8db6-ebd65b060107&prev_step_diff=744 HTTP/1.1
Host: 1e7942d985.fff2788093.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 08 May 2024 02:18:45 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 1e7942d985.fff2788093.com/in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D187592aa4e&refdom=www.amdahost.com&auction_time=1715134725&subid=1511354673&sid=4045716304&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=9474243627012240951&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D187592aa4e%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=333d38b3bc9943d095fc32394c335cca&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DzLk1YLoJ0WyiXoCd1Ir6htjgP0i2ST8KgqQAuqsseA-bKf7ekelcbrl6VVZZmTQgiuhM8y12K6M-jRpLk7Fz1IQyfWve-G8STGQinweIeQgu3dNV-0rB62qc9eKDsLaHpoNOb_iXmVkZ7JYOdfDUFO54aMBiEmtnGBlc3xXNclvUyfRWGPthytXxqzVQj6hCvyK1X-vse-CUzD8QFdx4oBCXWAJI0dJjMHqndc7N-jKNpUV2gPpsY4gysfqgf8SOmqL7xBJj4Wzy5T-TpheRxwGjl9WwevCRHhRwKfgYlYru6RI7TtmI-CxUaFps_IDlWYaL_1DbNluZnfhQzsin25-LaBRS0rUfVR8oMs8YKPV96ylydogQ_Lof6Bgkb6-7mwYb4204ypvcbLoK0-dFb4GVudr7yj1rmhvfSHOZkxVsTv3mcT-4Ab5RCm2-IQQRY0SqbrX1XC3Lm4qINHfQHiwtYkP-_hC7KLe7BBrqeB361c1Ew3coM_JJbYn2KRL4xd47ITm2YiB1Oe_anSmK6W0pT367g65z6wt_baAV6uov5btfnowQOXQ8gCAFzDwBvRXeF4_ylNOTKiKfsxFiSAF8dm_VgWKOU8iy2aHASNdJ4NZkZfDjht71ScOmvnUi84qKGJwCRXuY67ksJo__cEGtrE0HV1rXWKMzt1i6YrBXeUR0HrfLDiPlX10FWr8Fpfa8UI50Z3zLCcOmpVFmJDUOKclzyDzaSBmeftRlOVioj7ASHXdWOO7ax55BEBlP7dt6kf026JUvdN1NBrmWK-6xR39jcPtT84ZXq_4FLnuzJ4FRCv80W-mAsuTdOFZlSZzljX4n3kobbMX-wMs3Zaj8oEjv1uiy_T2sESM6kYX-89bMNoQ45FcmjiGndtI5Us05iHCeqp2UzZu9s_sG6QDC1DOFYJGQB5hKv7ZU2A4qdTkU0hLs5_WvGhOmYoB-MpAQlbFdezq8lIKE7T4yI-KUoE8FVCxbAmUO9opNdHZ0rOIUvs5CUfBCBlbMARExxrpdqS6ehegiTKz-l4bmuiq2iscQHUSEy
7-xb4H6Ddya9FEn2cW4pIXQBuOtRzzNSF-Tb-KbJWbftrWTkKPHAxx6HqBJNu2G5kbh9Lgr2lTUV31LnmkGb_NEZND7oJ1cWDyG48V3cFtxeSuhbp_x6UJ9SjTu3o1CTbuRE4W9hRmYh8JKt-zhhVkgJ-lfYYltm0w%26bid%3D0.019575821329025328&icons=oYTpLzDZqZUGx8V7LKiUPwe1Q9sqwa1s9pZIzBoOzZdP6-WCuEN4L2bCQOLZr5i8YYeXZlUFTy-cFMEL8Vy0duh8Hg3D1zUYAfm0Wd8hMNueZlEbNeeYntIV_rx_CWOsClLlXJzuz26XOLNLPWLVgIdhedjFp4TZl55LponJJt-NsYedtbZt7Xt1-rWUFSl9jHHm6krXl-dm4VcidjU_IXUFza76QjoUb_g500RacjXCjzfTKsldW3qnsox2fq3MN0J7iB3vJA6ifTujDtc59BnaAas4unuDBTLEOax5N2sBEUnUhJr4PARMgc1qKXCM0vX8a1x-G0nSO9sLtdqgLE6NCsbYM23Z4P6hyR7Ox1Aa2iW5JBAlFWfsj94hqzJH3XlEPPIdXUTTRj9RmyChPcEw-4vNoG8-dxE1bK9g4TNJ1zLxRqPaUp5dteFOmVmpikgE9FFPsl2bMhP_5PRXdiTFZArmR3Hx1U1O5_23TSlWUsHjHvslKvBYTSFlePvb-sHqLpy5evB6A8OrgMXGO6hcar_IWdIuL8Btra_xwnV4WsL0ZpOvdOjQ_sVPYqmlvQrmdcTgTx8gLqHaRnfHZQCGCfpjmQmHhsHi8pP0nfNtfEqL6MBgem0RYtFFT82OFbcEQASw4UMm71SAqpTIWHWVE5t9pHDEA74WAuO-bXNHMLl3JU36xe4CULWOCS9Anzb4DU9X3xNM32hbxhWSj2DPS0pOCOdbFI_JOqWkTjrl2JzKx9fQ94Is7UFCF51lKMd2OJOFiM3scQCtsDtHKw8sHWsajpeV_JYvuMPJx2FoKMU-lUHMFeQRrEKPy1zk1Kn-uw2FhfC7Jkbrx4bGsSh2BK-y3ta1tbQ11gVYI-BEellDDABu9Mvncagry8y90_m9s3oZxBi8BD8bXb-dW9hHmMckGZ3zxcEoBypnkrwp_CKTjabWGvAuGFxxYgNvN3AYRSpQxw1Dd7rGA1hm64ZFN5lsJBTpfumIVJZLgL3vgOADe80d9B4x4i0FHSxIItd8mPcbODR8M6OgUX2vBFHX4HOy1OEm8oJ-y4CEBbIYFj4ombu5i8_lZ9j_7NNQ3zXklYqlw4WVKE_cT_5TFa86fIroJsZYNlmHsw_mpdeechEj4J863bj0pXXqOHq2sYGVSUaUnCLoPybtiweNuduLSbR5PuT895WXJ-9vKK3avG4gL4YBAYkECqyzMq6Ommpoi0TZITtzB8pCpayRcLR5CRb_jremXAAcMUKR3IuQPyMABSJtj6DdVsHTbG3qnk8o-d7cEyBISDoK0eR3WVuFDErSSy2uEd6vfzHugJSldAlMFCBM&ext_cid=224906&px_id=73529500&min_cpm=0.0034945246943458496&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=558294707596832439&skin_id=72&vertical_id=4&skin_test=0&from_cache=0&ecpm=0.03162566010952003&cpm=0.019575821329025328&verify_hash=c997dc20c8a42b0810c663b087104127&is_native=1&real_bid=0.019407469332804007&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20G
ecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=90,33,5,98,130,4&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=2&expiration_timestamp=1715307525&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777156%2Fconversions%2F3b69WTpe-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-12-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.11&cpa=ad16f8e9-e876-46e1-9024-59424822fe05&prev_step_diff=744 | 168.119.25.102 | 200 OK | 0 B |
URL GET HTTP/21e7942d985.fff2788093.com/in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D187592aa4e&refdom=www.amdahost.com&auction_time=1715134725&subid=1511354673&sid=4045716304&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=9474243627012240951&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D187592aa4e%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=333d38b3bc9943d095fc32394c335cca&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DzLk1YLoJ0WyiXoCd1Ir6htjgP0i2ST8KgqQAuqsseA-bKf7ekelcbrl6VVZZmTQgiuhM8y12K6M-jRpLk7Fz1IQyfWve-G8STGQinweIeQgu3dNV-0rB62qc9eKDsLaHpoNOb_iXmVkZ7JYOdfDUFO54aMBiEmtnGBlc3xXNclvUyfRWGPthytXxqzVQj6hCvyK1X-vse-CUzD8QFdx4oBCXWAJI0dJjMHqndc7N-jKNpUV2gPpsY4gysfqgf8SOmqL7xBJj4Wzy5T-TpheRxwGjl9WwevCRHhRwKfgYlYru6RI7TtmI-CxUaFps_IDlWYaL_1DbNluZnfhQzsin25-LaBRS0rUfVR8oMs8YKPV96ylydogQ_Lof6Bgkb6-7mwYb4204ypvcbLoK0-dFb4GVudr7yj1rmhvfSHOZkxVsTv3mcT-4Ab5RCm2-IQQRY0SqbrX1XC3Lm4qINHfQHiwtYkP-_hC7KLe7BBrqeB361c1Ew3coM_JJbYn2KRL4xd47ITm2YiB1Oe_anSmK6W0pT367g65z6wt_baAV6uov5btfnowQOXQ8gCAFzDwBvRXeF4_ylNOTKiKfsxFiSAF8dm_VgWKOU8iy2aHASNdJ4NZkZfDjht71ScOmvnUi84qKGJwCRXuY67ksJo__cEGtrE0HV1rXWKMzt1i6YrBXeUR0HrfLDiPlX10FWr8Fpfa8UI50Z3zLCcOmpVFmJDUOKclzyDzaSBmeftRlOVioj7ASHXdWOO7ax55BEBlP7dt6kf026JUvdN1NBrmWK-6xR39jcPtT84ZXq_4FLnuzJ4FRCv80W-mAsuTdOFZlSZzljX4n3kobbMX-wMs3Zaj8oEjv1uiy_T2sESM6kYX-89bMNoQ45FcmjiGndtI5Us05iHCeqp2UzZu9s_sG6QDC1DOFYJGQB5hKv7ZU2A4qdTkU0hLs5_WvGhOmYoB-MpAQlbFdezq8lIKE7T4yI-KUoE8FVCxbAmUO9opNdHZ0rOIUvs5CUfBCBlbMARExxrpdqS6ehegiTKz-l4bmu
iq2iscQHUSEy7-xb4H6Ddya9FEn2cW4pIXQBuOtRzzNSF-Tb-KbJWbftrWTkKPHAxx6HqBJNu2G5kbh9Lgr2lTUV31LnmkGb_NEZND7oJ1cWDyG48V3cFtxeSuhbp_x6UJ9SjTu3o1CTbuRE4W9hRmYh8JKt-zhhVkgJ-lfYYltm0w%26bid%3D0.019575821329025328&icons=oYTpLzDZqZUGx8V7LKiUPwe1Q9sqwa1s9pZIzBoOzZdP6-WCuEN4L2bCQOLZr5i8YYeXZlUFTy-cFMEL8Vy0duh8Hg3D1zUYAfm0Wd8hMNueZlEbNeeYntIV_rx_CWOsClLlXJzuz26XOLNLPWLVgIdhedjFp4TZl55LponJJt-NsYedtbZt7Xt1-rWUFSl9jHHm6krXl-dm4VcidjU_IXUFza76QjoUb_g500RacjXCjzfTKsldW3qnsox2fq3MN0J7iB3vJA6ifTujDtc59BnaAas4unuDBTLEOax5N2sBEUnUhJr4PARMgc1qKXCM0vX8a1x-G0nSO9sLtdqgLE6NCsbYM23Z4P6hyR7Ox1Aa2iW5JBAlFWfsj94hqzJH3XlEPPIdXUTTRj9RmyChPcEw-4vNoG8-dxE1bK9g4TNJ1zLxRqPaUp5dteFOmVmpikgE9FFPsl2bMhP_5PRXdiTFZArmR3Hx1U1O5_23TSlWUsHjHvslKvBYTSFlePvb-sHqLpy5evB6A8OrgMXGO6hcar_IWdIuL8Btra_xwnV4WsL0ZpOvdOjQ_sVPYqmlvQrmdcTgTx8gLqHaRnfHZQCGCfpjmQmHhsHi8pP0nfNtfEqL6MBgem0RYtFFT82OFbcEQASw4UMm71SAqpTIWHWVE5t9pHDEA74WAuO-bXNHMLl3JU36xe4CULWOCS9Anzb4DU9X3xNM32hbxhWSj2DPS0pOCOdbFI_JOqWkTjrl2JzKx9fQ94Is7UFCF51lKMd2OJOFiM3scQCtsDtHKw8sHWsajpeV_JYvuMPJx2FoKMU-lUHMFeQRrEKPy1zk1Kn-uw2FhfC7Jkbrx4bGsSh2BK-y3ta1tbQ11gVYI-BEellDDABu9Mvncagry8y90_m9s3oZxBi8BD8bXb-dW9hHmMckGZ3zxcEoBypnkrwp_CKTjabWGvAuGFxxYgNvN3AYRSpQxw1Dd7rGA1hm64ZFN5lsJBTpfumIVJZLgL3vgOADe80d9B4x4i0FHSxIItd8mPcbODR8M6OgUX2vBFHX4HOy1OEm8oJ-y4CEBbIYFj4ombu5i8_lZ9j_7NNQ3zXklYqlw4WVKE_cT_5TFa86fIroJsZYNlmHsw_mpdeechEj4J863bj0pXXqOHq2sYGVSUaUnCLoPybtiweNuduLSbR5PuT895WXJ-9vKK3avG4gL4YBAYkECqyzMq6Ommpoi0TZITtzB8pCpayRcLR5CRb_jremXAAcMUKR3IuQPyMABSJtj6DdVsHTbG3qnk8o-d7cEyBISDoK0eR3WVuFDErSSy2uEd6vfzHugJSldAlMFCBM&ext_cid=224906&px_id=73529500&min_cpm=0.0034945246943458496&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=558294707596832439&skin_id=72&vertical_id=4&skin_test=0&from_cache=0&ecpm=0.03162566010952003&cpm=0.019575821329025328&verify_hash=c997dc20c8a42b0810c663b087104127&is_native=1&real_bid=0.019407469332804007&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3
A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=90,33,5,98,130,4&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=2&expiration_timestamp=1715307525&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777156%2Fconversions%2F3b69WTpe-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-12-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.11&cpa=ad16f8e9-e876-46e1-9024-59424822fe05&prev_step_diff=744 IP168.119.25.102:443 ASN#24940 Hetzner Online GmbH
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e | Certificate Issuer: Let's Encrypt | Subject: fff2788093.com | Fingerprint: 81:F0:97:8F:8A:B3:D7:C6:23:C1:FC:F8:5A:A0:2A:EB:73:8A:C7:10 | Validity: Mon, 06 May 2024 12:38:51 GMT - Sun, 04 Aug 2024 12:38:50 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /in/show/?tag_ab=d&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D187592aa4e&refdom=www.amdahost.com&auction_time=1715134725&subid=1511354673&sid=4045716304&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-08&iabcat=IAB25-3&keywords=adult&user_fp=9474243627012240951&score=67.93361311907826&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch.php%253Fid%253D187592aa4e%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=333d38b3bc9943d095fc32394c335cca&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DzLk1YLoJ0WyiXoCd1Ir6htjgP0i2ST8KgqQAuqsseA-bKf7ekelcbrl6VVZZmTQgiuhM8y12K6M-jRpLk7Fz1IQyfWve-G8STGQinweIeQgu3dNV-0rB62qc9eKDsLaHpoNOb_iXmVkZ7JYOdfDUFO54aMBiEmtnGBlc3xXNclvUyfRWGPthytXxqzVQj6hCvyK1X-vse-CUzD8QFdx4oBCXWAJI0dJjMHqndc7N-jKNpUV2gPpsY4gysfqgf8SOmqL7xBJj4Wzy5T-TpheRxwGjl9WwevCRHhRwKfgYlYru6RI7TtmI-CxUaFps_IDlWYaL_1DbNluZnfhQzsin25-LaBRS0rUfVR8oMs8YKPV96ylydogQ_Lof6Bgkb6-7mwYb4204ypvcbLoK0-dFb4GVudr7yj1rmhvfSHOZkxVsTv3mcT-4Ab5RCm2-IQQRY0SqbrX1XC3Lm4qINHfQHiwtYkP-_hC7KLe7BBrqeB361c1Ew3coM_JJbYn2KRL4xd47ITm2YiB1Oe_anSmK6W0pT367g65z6wt_baAV6uov5btfnowQOXQ8gCAFzDwBvRXeF4_ylNOTKiKfsxFiSAF8dm_VgWKOU8iy2aHASNdJ4NZkZfDjht71ScOmvnUi84qKGJwCRXuY67ksJo__cEGtrE0HV1rXWKMzt1i6YrBXeUR0HrfLDiPlX10FWr8Fpfa8UI50Z3zLCcOmpVFmJDUOKclzyDzaSBmeftRlOVioj7ASHXdWOO7ax55BEBlP7dt6kf026JUvdN1NBrmWK-6xR39jcPtT84ZXq_4FLnuzJ4FRCv80W-mAsuTdOFZlSZzljX4n3kobbMX-wMs3Zaj8oEjv1uiy_T2sESM6kYX-89bMNoQ45FcmjiGndtI5Us05iHCeqp2UzZu9s_sG6QDC1DOFYJGQB5hKv7ZU2A4qdTkU0hLs5_WvGhOmYoB-MpAQlbFdezq8lIKE7T4yI-KUoE8FVCxbAmUO9opNdHZ0rOIUvs5CUfBCBlbMARExxrpdqS6ehegiTKz-l4bmuiq2iscQHUSEy7-xb4H6Ddya9FEn2cW4pIXQ
BuOtRzzNSF-Tb-KbJWbftrWTkKPHAxx6HqBJNu2G5kbh9Lgr2lTUV31LnmkGb_NEZND7oJ1cWDyG48V3cFtxeSuhbp_x6UJ9SjTu3o1CTbuRE4W9hRmYh8JKt-zhhVkgJ-lfYYltm0w%26bid%3D0.019575821329025328&icons=oYTpLzDZqZUGx8V7LKiUPwe1Q9sqwa1s9pZIzBoOzZdP6-WCuEN4L2bCQOLZr5i8YYeXZlUFTy-cFMEL8Vy0duh8Hg3D1zUYAfm0Wd8hMNueZlEbNeeYntIV_rx_CWOsClLlXJzuz26XOLNLPWLVgIdhedjFp4TZl55LponJJt-NsYedtbZt7Xt1-rWUFSl9jHHm6krXl-dm4VcidjU_IXUFza76QjoUb_g500RacjXCjzfTKsldW3qnsox2fq3MN0J7iB3vJA6ifTujDtc59BnaAas4unuDBTLEOax5N2sBEUnUhJr4PARMgc1qKXCM0vX8a1x-G0nSO9sLtdqgLE6NCsbYM23Z4P6hyR7Ox1Aa2iW5JBAlFWfsj94hqzJH3XlEPPIdXUTTRj9RmyChPcEw-4vNoG8-dxE1bK9g4TNJ1zLxRqPaUp5dteFOmVmpikgE9FFPsl2bMhP_5PRXdiTFZArmR3Hx1U1O5_23TSlWUsHjHvslKvBYTSFlePvb-sHqLpy5evB6A8OrgMXGO6hcar_IWdIuL8Btra_xwnV4WsL0ZpOvdOjQ_sVPYqmlvQrmdcTgTx8gLqHaRnfHZQCGCfpjmQmHhsHi8pP0nfNtfEqL6MBgem0RYtFFT82OFbcEQASw4UMm71SAqpTIWHWVE5t9pHDEA74WAuO-bXNHMLl3JU36xe4CULWOCS9Anzb4DU9X3xNM32hbxhWSj2DPS0pOCOdbFI_JOqWkTjrl2JzKx9fQ94Is7UFCF51lKMd2OJOFiM3scQCtsDtHKw8sHWsajpeV_JYvuMPJx2FoKMU-lUHMFeQRrEKPy1zk1Kn-uw2FhfC7Jkbrx4bGsSh2BK-y3ta1tbQ11gVYI-BEellDDABu9Mvncagry8y90_m9s3oZxBi8BD8bXb-dW9hHmMckGZ3zxcEoBypnkrwp_CKTjabWGvAuGFxxYgNvN3AYRSpQxw1Dd7rGA1hm64ZFN5lsJBTpfumIVJZLgL3vgOADe80d9B4x4i0FHSxIItd8mPcbODR8M6OgUX2vBFHX4HOy1OEm8oJ-y4CEBbIYFj4ombu5i8_lZ9j_7NNQ3zXklYqlw4WVKE_cT_5TFa86fIroJsZYNlmHsw_mpdeechEj4J863bj0pXXqOHq2sYGVSUaUnCLoPybtiweNuduLSbR5PuT895WXJ-9vKK3avG4gL4YBAYkECqyzMq6Ommpoi0TZITtzB8pCpayRcLR5CRb_jremXAAcMUKR3IuQPyMABSJtj6DdVsHTbG3qnk8o-d7cEyBISDoK0eR3WVuFDErSSy2uEd6vfzHugJSldAlMFCBM&ext_cid=224906&px_id=73529500&min_cpm=0.0034945246943458496&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=558294707596832439&skin_id=72&vertical_id=4&skin_test=0&from_cache=0&ecpm=0.03162566010952003&cpm=0.019575821329025328&verify_hash=c997dc20c8a42b0810c663b087104127&is_native=1&real_bid=0.019407469332804007&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firef
ox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=90,33,5,98,130,4&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=2&expiration_timestamp=1715307525&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777156%2Fconversions%2F3b69WTpe-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-12-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.11&cpa=ad16f8e9-e876-46e1-9024-59424822fe05&prev_step_diff=744 HTTP/1.1
Host: 1e7942d985.fff2788093.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 08 May 2024 02:18:45 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| imdn.pics/m/p/0/777/777156/conversions/3b69WTpe-minify.jpg | 45.133.44.25 | 200 OK | 10 kB |
URL: GET HTTP/2 imdn.pics/m/p/0/777/777156/conversions/3b69WTpe-minify.jpg | IP: 45.133.44.25:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e | Certificate Issuer: Let's Encrypt | Subject: imdn.pics | Fingerprint: 1B:F0:2A:16:F2:A2:CB:23:EA:4E:5D:DE:96:E2:AF:CC:A0:41:03:E5 | Validity: Tue, 12 Mar 2024 03:00:56 GMT - Mon, 10 Jun 2024 03:00:55 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 360x240, components 3 | Hash: d27321438be78f72c18f84cecb85c11e 31084685ba871245f90f4ac23949bc4aa37ce39b d08796c038822a8e5b0b8f249dda868ce114459c911091b0969acf32df501b98
GET /m/p/0/777/777156/conversions/3b69WTpe-minify.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:45 GMT
content-type: image/jpeg
content-length: 10147
server: nginx
last-modified: Tue, 09 Apr 2024 19:44:54 GMT
etag: "66159ab6-27a3"
x-request-id: a42fb51f65ac1ae8733899620e4ac07b
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| p.a64x.com/in/tip_shows/?katds_ep=wHX--pzUJ0q-EQ10mk32Lna2MtNESr8qIziZ121IgGYr3l8ePm5dBNDEwhc2nf4K7pocyGmn2FVSdw2WU_HGt-AWyUlmR8irZFz9wjYr9wSdJ2d592ZsZQINDgWzN8fpaXpUfDEMqsI9MKRYNoUt3BB1fsbRGS9fiMdj8iyDQvMYZBsaNDDk6uegyyyr3n_dx_SaUAhgYUekuVkIdozJWcLE-bpDzSY6o_qK27tzYTb_g5-OUr7jhLUnBn6S0Sh5gz2LNgALdI1fbAQ-5XM25LFD7Xmnvs4FqBLM47WTcgO922GBznKJakBn8ndMcUxm3NboX9djp2SIgeDu3C4YKm7365H38yo6UKft-0msTl1Pr2yI5Kl6_G1zMPxBfjBkL0cyZPRG3w6ORngsyALuZliRL7IxS_V16mVgCpEvUJ00LTI8XqU7tCd37LktyVVnDyzGcpe5SsMaNCyADh3V5cCMAGzAF_Fhm8bRvNGDQN2MM1HhqQwTpUQcwVOo2ObJcDz0HbaSjEbTp-0CXYPHfSjonlFkJY9hmbb6oGXEKARpIjWiQ01xBF-ff9WxNETJaHnvCDCElqWc-s4SjhFN_0dLcBLCt3AEgZAbaB3YXa4eXICi9qKdGccljA29exRSk28Msb2JtH3es3iI54l9zlV98rskGBF3kG2XYFZuC-s3NnwUz0RJy6iFF5BEc0rqzVtIGHyXfQTNnreJwtAZ9WYmLBtd3tehv5udAh-yDqJcfF3Y3XlE1uAXSRK-dpcX1UZ-nTytYNYLYTbi3Rlo6pY4CLqRlCtOYlV_p87XzT0jNnamqE1mN7j7_Py81Vjjet1du37Y7AInwps8sZele361MG18cQvUBoeLNSb5dcMDkNcCVkEkzgfo3Oe9&bid=0.019575821329025328&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.11&cpa=df2c81db-3fe9-4f9c-a8fe-a2a0dc5636f3&prev_step_diff=743 | 172.67.185.171 | 302 Found | 0 B |
URL GET HTTP/3p.a64x.com/in/tip_shows/?katds_ep=wHX--pzUJ0q-EQ10mk32Lna2MtNESr8qIziZ121IgGYr3l8ePm5dBNDEwhc2nf4K7pocyGmn2FVSdw2WU_HGt-AWyUlmR8irZFz9wjYr9wSdJ2d592ZsZQINDgWzN8fpaXpUfDEMqsI9MKRYNoUt3BB1fsbRGS9fiMdj8iyDQvMYZBsaNDDk6uegyyyr3n_dx_SaUAhgYUekuVkIdozJWcLE-bpDzSY6o_qK27tzYTb_g5-OUr7jhLUnBn6S0Sh5gz2LNgALdI1fbAQ-5XM25LFD7Xmnvs4FqBLM47WTcgO922GBznKJakBn8ndMcUxm3NboX9djp2SIgeDu3C4YKm7365H38yo6UKft-0msTl1Pr2yI5Kl6_G1zMPxBfjBkL0cyZPRG3w6ORngsyALuZliRL7IxS_V16mVgCpEvUJ00LTI8XqU7tCd37LktyVVnDyzGcpe5SsMaNCyADh3V5cCMAGzAF_Fhm8bRvNGDQN2MM1HhqQwTpUQcwVOo2ObJcDz0HbaSjEbTp-0CXYPHfSjonlFkJY9hmbb6oGXEKARpIjWiQ01xBF-ff9WxNETJaHnvCDCElqWc-s4SjhFN_0dLcBLCt3AEgZAbaB3YXa4eXICi9qKdGccljA29exRSk28Msb2JtH3es3iI54l9zlV98rskGBF3kG2XYFZuC-s3NnwUz0RJy6iFF5BEc0rqzVtIGHyXfQTNnreJwtAZ9WYmLBtd3tehv5udAh-yDqJcfF3Y3XlE1uAXSRK-dpcX1UZ-nTytYNYLYTbi3Rlo6pY4CLqRlCtOYlV_p87XzT0jNnamqE1mN7j7_Py81Vjjet1du37Y7AInwps8sZele361MG18cQvUBoeLNSb5dcMDkNcCVkEkzgfo3Oe9&bid=0.019575821329025328&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.11&cpa=df2c81db-3fe9-4f9c-a8fe-a2a0dc5636f3&prev_step_diff=743 IP172.67.185.171:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate issuer: Google Trust Services LLC; Subject: a64x.com; Fingerprint: 86:FD:2B:DD:CC:BD:8D:ED:C0:8D:41:81:C1:48:2D:45:D6:4F:67:88; Validity: Tue, 19 Mar 2024 14:58:28 GMT - Mon, 17 Jun 2024 14:58:27 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/tip_shows/?katds_ep=wHX--pzUJ0q-EQ10mk32Lna2MtNESr8qIziZ121IgGYr3l8ePm5dBNDEwhc2nf4K7pocyGmn2FVSdw2WU_HGt-AWyUlmR8irZFz9wjYr9wSdJ2d592ZsZQINDgWzN8fpaXpUfDEMqsI9MKRYNoUt3BB1fsbRGS9fiMdj8iyDQvMYZBsaNDDk6uegyyyr3n_dx_SaUAhgYUekuVkIdozJWcLE-bpDzSY6o_qK27tzYTb_g5-OUr7jhLUnBn6S0Sh5gz2LNgALdI1fbAQ-5XM25LFD7Xmnvs4FqBLM47WTcgO922GBznKJakBn8ndMcUxm3NboX9djp2SIgeDu3C4YKm7365H38yo6UKft-0msTl1Pr2yI5Kl6_G1zMPxBfjBkL0cyZPRG3w6ORngsyALuZliRL7IxS_V16mVgCpEvUJ00LTI8XqU7tCd37LktyVVnDyzGcpe5SsMaNCyADh3V5cCMAGzAF_Fhm8bRvNGDQN2MM1HhqQwTpUQcwVOo2ObJcDz0HbaSjEbTp-0CXYPHfSjonlFkJY9hmbb6oGXEKARpIjWiQ01xBF-ff9WxNETJaHnvCDCElqWc-s4SjhFN_0dLcBLCt3AEgZAbaB3YXa4eXICi9qKdGccljA29exRSk28Msb2JtH3es3iI54l9zlV98rskGBF3kG2XYFZuC-s3NnwUz0RJy6iFF5BEc0rqzVtIGHyXfQTNnreJwtAZ9WYmLBtd3tehv5udAh-yDqJcfF3Y3XlE1uAXSRK-dpcX1UZ-nTytYNYLYTbi3Rlo6pY4CLqRlCtOYlV_p87XzT0jNnamqE1mN7j7_Py81Vjjet1du37Y7AInwps8sZele361MG18cQvUBoeLNSb5dcMDkNcCVkEkzgfo3Oe9&bid=0.019575821329025328&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.11&cpa=df2c81db-3fe9-4f9c-a8fe-a2a0dc5636f3&prev_step_diff=743 HTTP/1.1
Host: p.a64x.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 08 May 2024 02:18:45 GMT
content-type: application/json
content-length: 0
location: https://imdn.pics/m/p/0/777/777155/conversions/R6Fcvd3Z-minify.jpg
access-control-allow-credentials: true
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V6rIb5gIcdrAA%2BYx5657pE0pVbE27sfXfcs0IOv7TWA3HdU3y4MRkyG66e81x%2FEyCv1R2uk1voyQqJBPq1zwTmb%2F1XSXmrZHK2wyoynmVnitA0PqeQXEv37S3gWk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f6051a615687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| imdn.pics/m/p/0/777/777155/conversions/R6Fcvd3Z-minify.jpg | 45.133.44.25 | 200 OK | 3.0 kB |
URL: GET HTTP/2 imdn.pics/m/p/0/777/777155/conversions/R6Fcvd3Z-minify.jpg; IP: 45.133.44.25:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate issuer: Let's Encrypt; Subject: imdn.pics; Fingerprint: 1B:F0:2A:16:F2:A2:CB:23:EA:4E:5D:DE:96:E2:AF:CC:A0:41:03:E5; Validity: Tue, 12 Mar 2024 03:00:56 GMT - Mon, 10 Jun 2024 03:00:55 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 100x100, components 3; Hash: bbd50a964fd18363b647225883bbb908 960383ba8379454c49adc0ed9c0faf681a898d61 58deb046cbfa7bfae5ed5290686bda50b55be2bf0ea62f1577ca135a8fdeb10e
GET /m/p/0/777/777155/conversions/R6Fcvd3Z-minify.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:46 GMT
content-type: image/jpeg
content-length: 2972
server: nginx
last-modified: Tue, 09 Apr 2024 19:44:46 GMT
etag: "66159aae-b9c"
x-request-id: bcbe6ea9e5034af8477860eea5b5ead2
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/rum? | 104.21.40.89 | 204 No Content | 0 B |
URL: POST HTTP/3 www.amdahost.com/cdn-cgi/rum?; IP: 104.21.40.89:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate issuer: Google Trust Services LLC; Subject: amdahost.com; Fingerprint: 29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF; Validity: Thu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 492
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=187592aa4e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 204 No Content
date: Wed, 08 May 2024 02:19:03 GMT
access-control-allow-origin: https://www.amdahost.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 8805f671caaa5688-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| fonts.googleapis.com/css2?family=Bebas+Neue&display=swap | 142.250.74.106 | 200 OK | 799 B |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Bebas+Neue&display=swap; IP: 142.250.74.106:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (817), with no line terminators; Hash: c493231efba2219e3348f16e938d7380 95b2c3d6221a58cbd7e96f2c05c40d03f53fb16c ff65de3252fffb1650fca0c23a1a87351bf5b2385dc11e35e19b94c3495e4cf0
GET /css2?family=Bebas+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 02:18:37 GMT
date: Wed, 08 May 2024 02:18:37 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| js.mbidinp.com/npc/sdk/wpu/npush.m.js | 45.133.44.52 | 200 OK | 169 kB |
URL: GET HTTP/2 js.mbidinp.com/npc/sdk/wpu/npush.m.js; IP: 45.133.44.52:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate issuer: Let's Encrypt; Subject: js.mbidinp.com; Fingerprint: B8:EA:0B:88:14:F5:73:F1:FE:F1:D5:59:09:E6:70:08:F2:1C:4A:5C; Validity: Mon, 22 Apr 2024 03:00:30 GMT - Sun, 21 Jul 2024 03:00:29 GMT
Size: 169 kB (168568 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/wpu/npush.m.js HTTP/1.1
Host: js.mbidinp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:40 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 25 Apr 2024 13:18:02 GMT
etag: W/"662a580a-29278"
content-encoding: gzip
expires: Wed, 08 May 2024 02:23:40 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL: GET HTTP/3 storage.mbidstorage.com/log/count.html; IP: 104.21.65.172:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate issuer: Let's Encrypt; Subject: mbidstorage.com; Fingerprint: 8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95; Validity: Sat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:18:41 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yn0AkCEa8U%2FYbW2VbNN746Q7OOGQD%2Bsb%2F2VrmR1ickGpOIPcXRvy8dCmM898AlDP5q8RFr0vu457F%2B%2BhhFIUklG34qyRKpAZm1WY%2F33qHBWNw7AeahSBqC1sFMm34VXVq9Ye5eMrVggndg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5e62cf55688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.04&cpa=37436089-67b0-4ffd-9a38-e8c10cbd28cc&prev_step_diff=956 | 45.133.44.24 | 200 OK | 1.1 kB |
URL: GET HTTP/2 static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.04&cpa=37436089-67b0-4ffd-9a38-e8c10cbd28cc&prev_step_diff=956; IP: 45.133.44.24:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate issuer: Let's Encrypt; Subject: static.bookmsg.com; Fingerprint: D1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76; Validity: Fri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp; Hash: 0d8658fffe797e7ba8f20c52ab367a97 cb0bd2b16388846dfa0b3f6da917d95b5abd7f68 debd9647eddaaacaba09b81371fd2e331f952904d7c7f635955b6e213e6a4ee4
GET /creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.04&cpa=37436089-67b0-4ffd-9a38-e8c10cbd28cc&prev_step_diff=956 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:41 GMT
content-type: image/webp
content-length: 1052
server: nginx/1.24.0
last-modified: Mon, 11 Mar 2024 13:45:15 GMT
etag: "65ef0aeb-41c"
expires: Thu, 08 May 2025 02:18:41 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Archivo+Black&display=swap | 142.250.74.106 | 200 OK | 819 B |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Archivo+Black&display=swap; IP: 142.250.74.106:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (837), with no line terminators; Hash: fa0b91b21b81c25b4d2bb89c6d9d84fb 1788d71d75cf429352999edca5573800814aba3f 5385a711b1675e90eb76b002d80f1c53e71449889caf26b5ee6ec34f3df23fa7
GET /css2?family=Archivo+Black&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 02:18:37 GMT
date: Wed, 08 May 2024 02:18:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?userId=00805680ff3c42e1fd8c88f9a23d8777 | 139.45.195.8 | 200 OK | 65 B |
URL: GET HTTP/2 my.rtmark.net/gid.js?userId=00805680ff3c42e1fd8c88f9a23d8777; IP: 139.45.195.8:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate issuer: Let's Encrypt; Subject: rtmark.net; Fingerprint: DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC; Validity: Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators; Hash: ab5f510b7a4129917eac8bc9252b0f01 3d3011fd33f7824c7efa978dcba01c8e3914525f c633fc916a1c912e76ff6f5a5b724d6e4ae68e6f7842cc6cf5cfb35e4551538f
GET /gid.js?userId=00805680ff3c42e1fd8c88f9a23d8777 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:18:40 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.amdahost.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=00805680ff3c42e1fd8c88f9a23d8777; expires=Thu, 08 May 2025 02:18:40 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL: GET HTTP/3 storage.mbidstorage.com/log/count.html; IP: 104.21.65.172:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate issuer: Let's Encrypt; Subject: mbidstorage.com; Fingerprint: 8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95; Validity: Sat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:18:40 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CwVJJynO5HfG285E9n8QNiuaKrVN5R2ZKj%2BdNk7lAy8LsUTjKABorllyv8YXBh86JbjUT5JPyDKG4uT3XKUCG7ORfENeC%2FIHfu%2FzxS04BVCZNSmC3XSt3EIYnCPdbK1s10reKfT7sEH%2Brg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5e24b575688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL: GET HTTP/3 storage.mbidstorage.com/log/count.html; IP: 104.21.65.172:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate issuer: Let's Encrypt; Subject: mbidstorage.com; Fingerprint: 8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95; Validity: Sat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:18:40 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e2W5V1Y6x22sdpr%2B%2B4AU27thYbBtSW39Bv8cLW2%2FZzEz2BzUIO7%2FucTfSufQ0GphS23XaH8wP1o2ZJnT42vXzcFqNKxMXoMOQo%2Fn3Os1%2F75dwc5nm2qiN4iTondrfd8ppJq37UYVeqirKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5e32bac5688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mpougdusr.com/bultykh/ipp24/7/bazinga/2020090 | 212.117.190.201 | 200 OK | 158 kB |
URL: GET HTTP/2 mpougdusr.com/bultykh/ipp24/7/bazinga/2020090; IP: 212.117.190.201:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate issuer: Buypass AS-983163327; Subject: (empty); Fingerprint: 96:80:FC:87:80:4A:3B:59:5A:2E:82:5A:B8:1D:9D:47:78:21:AA:66; Validity: Wed, 01 May 2024 14:41:50 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File type: JavaScript source, ASCII text, with very long lines (65107); Size: 158 kB (158045 bytes); Hash: c6ea5aedb4469e81f7d41b0eec41f409 7d7edc7b87462fb56c5e3c17c86bebad542d1d6f 72ad45cf0dd548c1f9611c35289dec90c22375b45bf1aa33d6a14ac7f896865b
GET /bultykh/ipp24/7/bazinga/2020090 HTTP/1.1
Host: mpougdusr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:18:37 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-269a3"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Lobster&display=swap | 142.250.74.106 | 200 OK | 1.8 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Lobster&display=swap; IP: 142.250.74.106:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (1825), with no line terminators; Hash: 785af4cad14c8087afd0b4ca069742ba b81dc83d9ec505a925e3da6bac340491a13460af dc804cd560b63c44aea3659ce684d8b21a4ccbe7180f953716be1e3e1c4f5274
GET /css2?family=Lobster&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 02:18:37 GMT
date: Wed, 08 May 2024 02:18:37 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| js.capndr.com/advertising.js | 45.133.44.52 | 200 OK | 0 B |
URL: GET HTTP/2 js.capndr.com/advertising.js; IP: 45.133.44.52:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate issuer: Let's Encrypt; Subject: js.capndr.com; Fingerprint: 0D:30:A1:FB:7E:A0:EC:89:85:17:27:67:37:21:DA:E0:CB:E3:26:06; Validity: Sun, 21 Apr 2024 03:00:41 GMT - Sat, 20 Jul 2024 03:00:40 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Wed, 08 May 2024 02:23:39 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL: GET HTTP/3 storage.mbidstorage.com/log/count.html; IP: 104.21.65.172:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate issuer: Let's Encrypt; Subject: mbidstorage.com; Fingerprint: 8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95; Validity: Sat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:18:40 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PyDOiwnfdAVuhB8H0f80yrSe0xSScer987oQ%2Fy5oAXUH9VRDHMNGux2ggwhP81VfmquW4XsRtnUgrR7L1CzImLLd9nIqXrRk049tlb3JIjsgTj9P6IvDSplZVcQ9Y9YCakOc1GMqNY7aNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5e36bc25688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/includes/update_visits.php | 104.21.40.89 | 200 OK | 0 B |
URL: POST HTTP/3 www.amdahost.com/includes/update_visits.php; IP: 104.21.40.89:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate issuer: Google Trust Services LLC; Subject: amdahost.com; Fingerprint: 29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF; Validity: Thu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /includes/update_visits.php HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 50
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=187592aa4e
Cookie: PHPSESSID=0e193904266e2ce3bfed5550f61233e8; cf_clearance=fK.HDBnVL_9t2MQGCeoJH_fE59Mwnvqjj2RajdXUyDE-1715134719-1.0.1.1-UXzQEH8VjUOpjbB7Jg4U_gr8pKkF2up7PWfGTxYgSAWNmyBvUHg9GGlqzuIJKaxhMPByCFVaYz1Ut8GLnjT6hw; prefetchAd_7446033=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 02:18:54 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2FL62IwYlkfGzLWkAPE7odpOx%2FvyUfeWT12b2AAU5k6VRE4uiXrPv3EpxfSG6FLvx6yHKhESAtBHwnui3M6JmfoIsst%2FXKMX7RlD1wvz7VFX6mKOsvPZBSVNHjfPw5j3gfCa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f6377e645688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| js.mbidadm.com/static/scripts.js | 45.133.44.53 | 200 OK | 1.7 kB |
URL: GET HTTP/2 js.mbidadm.com/static/scripts.js; IP: 45.133.44.53:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate issuer: Let's Encrypt; Subject: js.mbidadm.com; Fingerprint: CA:45:B3:CA:F7:B8:6E:BC:AD:15:14:54:8B:69:08:1F:93:CC:C1:80; Validity: Thu, 18 Apr 2024 03:01:13 GMT - Wed, 17 Jul 2024 03:01:12 GMT
File type: JavaScript source, ASCII text, with very long lines (1884), with no line terminators; Hash: 920f349834adf2faa94a7c6047814e52 34557304112fe9d61f23b8f89ceead6db43b98d4 2ddd6ffb00a0971092562d2c424678425e8496d315e38967a4ca2e26fdcfeafc
GET /static/scripts.js HTTP/1.1
Host: js.mbidadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:37 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 07 May 2024 12:02:54 GMT
etag: W/"663a186e-6c4"
content-encoding: gzip
expires: Wed, 08 May 2024 02:23:37 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL: GET HTTP/3 storage.mbidstorage.com/log/count.html; IP: 104.21.65.172:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate issuer: Let's Encrypt; Subject: mbidstorage.com; Fingerprint: 8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95; Validity: Sat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:18:41 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zVrlpNGlY0bwYuy%2FmLqZYLfAiAqlpkcbV6CYkGJH2i6l%2BIsFDXmih%2B3EbkXG%2FsGjWy681mCdsZfjYKVSnjbtULvTJldFEpjmz8qYj2aCV1%2BrVz63aEOV8jLk3DjuVLnTg4QZAJokyov3pg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5e68d075688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js | 104.21.40.89 | 200 OK | 7.8 kB |
URL GET HTTP/3 www.amdahost.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js IP 104.21.40.89:443
Requested by https://www.amdahost.com/watch.php?id=187592aa4e Certificate Issuer Google Trust Services LLC Subject amdahost.com Fingerprint 29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF Validity Thu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File type JavaScript source, ASCII text, with very long lines (7849), with no line terminators Hash 176b1012f62393f58b612ac460dd8408 dc5a1c26b17dce98c9d5e0841826660be697e98d 971c058ee9d12411541aedbbd5ff3bda17d2d9c876ca61210d695b5802437ef7
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=0e193904266e2ce3bfed5550f61233e8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 02:18:38 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mylrDJjUs6ILcHfCTBBRMAN8vM5kR7cPDC87SYweU%2F5UDylj4gskhwRTFmpMfhRlp8VRJDrO1RZm6ZIW9yb2J1JelqPq0f1nCEa4ur5cqYdmnq8RmYhOXIc4zuYyGjevk%2F7D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805f5d97fec5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1202bb3601.29972123f3.com/edd3f584431195a64a2c615d7550e6a9/161855?version_name=d | 45.133.44.53 | 200 OK | 2.4 kB |
URL GET HTTP/2 1202bb3601.29972123f3.com/edd3f584431195a64a2c615d7550e6a9/161855?version_name=d IP 45.133.44.53:443 ASN #39572 DataWeb Global Group B.V.
Requested by https://www.amdahost.com/watch.php?id=187592aa4e Certificate Issuer Let's Encrypt Subject 1202bb3601.29972123f3.com Fingerprint 75:6B:15:49:55:01:42:44:F7:47:B8:56:B1:92:DE:3D:8F:41:D0:21 Validity Sun, 05 May 2024 02:20:34 GMT - Sat, 03 Aug 2024 02:20:33 GMT
File type troff or preprocessor input, ASCII text, with very long lines (2744), with no line terminators Hash 57ed9e8789c799ac1c0cb88a331fc507 9499433765f97a3c779b7bd8bb0c6d61001bbe70 23725421b5fecd31ac898b0c3b41b8d7dfef35d750da060be73c3d6350b3e5ca
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /edd3f584431195a64a2c615d7550e6a9/161855?version_name=d HTTP/1.1
Host: 1202bb3601.29972123f3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:38 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
expires: Wed, 08 May 2024 02:23:38 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| 1202bb3601.29972123f3.com/569f22a889f80ae5fb51436365dfe21c.js | 45.133.44.53 | 200 OK | 101 kB |
URL GET HTTP/2 1202bb3601.29972123f3.com/569f22a889f80ae5fb51436365dfe21c.js IP 45.133.44.53:443 ASN #39572 DataWeb Global Group B.V.
Requested by https://www.amdahost.com/watch.php?id=187592aa4e Certificate Issuer Let's Encrypt Subject 1202bb3601.29972123f3.com Fingerprint 75:6B:15:49:55:01:42:44:F7:47:B8:56:B1:92:DE:3D:8F:41:D0:21 Validity Sun, 05 May 2024 02:20:34 GMT - Sat, 03 Aug 2024 02:20:33 GMT
Size 101 kB (100855 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /569f22a889f80ae5fb51436365dfe21c.js HTTP/1.1
Host: 1202bb3601.29972123f3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:39 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 06 May 2024 08:27:28 GMT
etag: W/"66389470-189f7"
content-encoding: gzip
expires: Wed, 08 May 2024 02:23:39 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| zokaukree.net/5/7446033/?oo=1&js_build=iclick-v1.788.9-auto | 139.45.197.245 | 200 OK | 2.9 kB |
URL GET HTTP/2 zokaukree.net/5/7446033/?oo=1&js_build=iclick-v1.788.9-auto IP 139.45.197.245:443
Requested by https://www.amdahost.com/watch.php?id=187592aa4e Certificate Issuer Let's Encrypt Subject zokaukree.net Fingerprint C0:B6:2C:1B:C6:37:68:38:7C:A4:E0:F4:BF:B4:8E:D4:CA:7E:2A:F1 Validity Sun, 05 May 2024 11:48:42 GMT - Sat, 03 Aug 2024 11:48:41 GMT
File type troff or preprocessor input, ASCII text, with very long lines (3160), with no line terminators Hash 5eb7c890708be9a4ec96f94c6b4279a0 7afc3e26ecedc5e12e70439b1345fda889bc33e2 1dda834634095e62449fbf8b7e8e7e3825f5215b88a4ba4a5a8d475cea8d7c92
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /5/7446033/?oo=1&js_build=iclick-v1.788.9-auto HTTP/1.1
Host: zokaukree.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:18:39 GMT
content-type: application/json
x-trace-id: e36e5b7f90acf038b6752729bf868252
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.amdahost.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=00805680ff3c42e1fd8c88f9a23d8777; expires=Thu, 08 May 2025 02:18:39 GMT; path=/; secure; SameSite=None
oaidts=1715134719; expires=Thu, 08 May 2025 02:18:39 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3 storage.mbidstorage.com/log/count.html IP 104.21.65.172:443
Requested by https://www.amdahost.com/watch.php?id=187592aa4e Certificate Issuer Let's Encrypt Subject mbidstorage.com Fingerprint 8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 Validity Sat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:18:41 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BdiAxkMAN0dlG6%2BVpnIm6fKLGs7ja4%2BpbCHgSvL2G1I16ZNrUAeSwwi9ar03ke%2Fu42ETXP4gXQYcXBJvKDNQgNU1IKZRH%2BF0WoPlkfAAoXnhT3hJyUsfCEctaFQL8eFpYngKQdAvexdn%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5e6cd255688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3 storage.mbidstorage.com/log/count.html IP 104.21.65.172:443
Requested by https://www.amdahost.com/watch.php?id=187592aa4e Certificate Issuer Let's Encrypt Subject mbidstorage.com Fingerprint 8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 Validity Sat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:18:41 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kqu3ubn%2FDXFv%2FJbOt%2BNX%2BxVQQjpl69mEFKlG5VUNjnDn%2FOnxSQiSqaZgXyBeRMDDta9ZMtaAzk5w%2FDU0Iuf8MztkX4fuNQZIwFYSh5NDm8R6bB1TT1VgwJ%2FklbrIrDAFG1YsEICPiGvzIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5e8ddea5688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3 storage.mbidstorage.com/log/count.html IP 104.21.65.172:443
Requested by https://www.amdahost.com/watch.php?id=187592aa4e Certificate Issuer Let's Encrypt Subject mbidstorage.com Fingerprint 8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 Validity Sat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:18:40 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DSnIV6mVKbyQaVYAm0DO61cGk62V0rYGLRkKyJtYb2ucPiXAb%2Fn6Bz0grCWhyNq6pROAjSfZAIk1fdPsdj88QJs7NOZFchMTW2wANMWJ0ac4YJ%2BG6rO8lRhJbc6I%2BRLe7Jv004sBX8GETQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5e44c225688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3 storage.mbidstorage.com/log/count.html IP 104.21.65.172:443
Requested by https://www.amdahost.com/watch.php?id=187592aa4e Certificate Issuer Let's Encrypt Subject mbidstorage.com Fingerprint 8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 Validity Sat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:18:41 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xizz23lKE9Z582TNSnM6YutNY%2F9ctWwornflPus83mWGiNloe3QJmsfr5I9bkgQfSmOMtCHGH%2BLK0eODhPBc7kfWiNyhWyK5PfDEMinhP%2FpQlk%2BknerHxY1qtdu86iE4VOhru%2BY7KfLgvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5e97e275688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| js.mbidpp.com/popunder-admanager/build.m.js | 45.133.44.53 | 200 OK | 101 kB |
URL GET HTTP/2 js.mbidpp.com/popunder-admanager/build.m.js IP 45.133.44.53:443 ASN #39572 DataWeb Global Group B.V.
Requested by https://www.amdahost.com/watch.php?id=187592aa4e Certificate Issuer Let's Encrypt Subject js.mbidpp.com Fingerprint 5B:B3:95:84:D0:2B:0C:9A:68:98:53:B0:A4:A5:68:88:B2:A5:5F:82 Validity Thu, 18 Apr 2024 03:01:11 GMT - Wed, 17 Jul 2024 03:01:10 GMT
Size 101 kB (100855 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder-admanager/build.m.js HTTP/1.1
Host: js.mbidpp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:40 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 06 May 2024 08:27:28 GMT
etag: W/"66389470-189f7"
content-encoding: gzip
expires: Wed, 08 May 2024 02:23:40 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3 storage.mbidstorage.com/log/count.html IP 104.21.65.172:443
Requested by https://www.amdahost.com/watch.php?id=187592aa4e Certificate Issuer Let's Encrypt Subject mbidstorage.com Fingerprint 8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 Validity Sat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:18:40 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1E3mRuoACviz9Pi8zzZigFqNzLEtzyR3BXdaR3TluCn%2Bcm7EUYOWc1KV0gyclP4m1zxqCt1g%2F%2B2XdQOo5cBdpnRTUoUa35JZzFwGP7%2BNIS82Uw3ZShgJ6XtsIRMa%2BiKvKmDWWhb6QjgK1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5e55cae5688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/media/favicon-16x16.png | 104.21.40.89 | 200 OK | 936 B |
URL GET HTTP/3 www.amdahost.com/media/favicon-16x16.png IP 104.21.40.89:443
Requested by https://www.amdahost.com/watch.php?id=187592aa4e Certificate Issuer Google Trust Services LLC Subject amdahost.com Fingerprint 29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF Validity Thu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hash ac0cd4d64276fa91e68993406abcd43d c9af1132645f2bccfb9295a4e45cc95e8e78b7b6 bf852eabb9e0bbeb89b360a2dc4ccc1b86f2ffea3dfa78f0c2bb8747be598382
GET /media/favicon-16x16.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=187592aa4e
Cookie: PHPSESSID=0e193904266e2ce3bfed5550f61233e8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 02:18:39 GMT
content-type: image/png
content-length: 936
last-modified: Sun, 17 Mar 2024 20:29:38 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PjRNlEPBJHnAHlvGpZXfNEdcX0jlPPiOFOsmE3yqvaaFSwgeeLC51KDZgpbd055ed1NNcB2KLmewCzHELMwfXQrIQ%2FD0crypNDZ3q36GqbncaeIfNEKXM7n%2BwLq9votnI15b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805f5dbf8d25688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3 storage.mbidstorage.com/log/count.html IP 104.21.65.172:443
Requested by https://www.amdahost.com/watch.php?id=187592aa4e Certificate Issuer Let's Encrypt Subject mbidstorage.com Fingerprint 8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 Validity Sat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:18:40 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yX3pP2nDW%2B7lKcyuY7yL3mDl8grwLzlKAmWY5nKTcOtCmBSHpWgaV9olLVKh%2F6BFasu%2F5mqaAsSp63dVXqSWrkq4vpBPL%2FtTUh37IOlkoXl2cKpoI1qQ5i4tAb2zv2ToaTV0S0aaad9Lfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5e5ecdb5688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3 storage.mbidstorage.com/log/count.html IP 104.21.65.172:443
Requested by https://www.amdahost.com/watch.php?id=187592aa4e Certificate Issuer Let's Encrypt Subject mbidstorage.com Fingerprint 8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 Validity Sat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:18:41 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GSqijMoCG0R66i9wUtCjnPFVVUQnMM5uDRHWbUeI7IM%2BF83CwrQ8jUdMQkvC%2B8e9j7tvUtgvavAGIs9v0loI4k9%2FKBH9p5Ei2FndDJKAG%2F1wGnS2aD9MOOQY8LJ%2B6i9z92O4jKRifDSgCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5e91e075688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.21.40.89 | 302 Found | 7.8 kB |
URL GET HTTP/3 www.amdahost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.21.40.89:443
Requested by https://www.amdahost.com/watch.php?id=187592aa4e Certificate Issuer Google Trust Services LLC Subject amdahost.com Fingerprint 29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF Validity Thu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=0e193904266e2ce3bfed5550f61233e8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Wed, 08 May 2024 02:18:38 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
cache-control: max-age=300, public
access-control-allow-origin: *
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=smh7Uq5KFK0ggV2MjikqDaZqehVSfySc507NHSVj93EEuFBuVCROheY8tk4740Jjiuc28GFMGt1O%2FdeTUKHSNuJuHfClkO5%2BqWwun05NuEHssW0uZVodpYARO%2FA7aCyOUDSB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805f5d7ef575688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| storage.multstorage.com/log/count.html | 104.21.30.242 | 200 OK | 882 B |
URL GET HTTP/2 storage.multstorage.com/log/count.html IP 104.21.30.242:443
Requested by https://www.amdahost.com/watch.php?id=187592aa4e Certificate Issuer Google Trust Services LLC Subject multstorage.com Fingerprint 63:F0:24:29:21:22:E5:42:33:61:B5:20:05:1B:EF:36:81:F5:7B:0A Validity Sun, 17 Mar 2024 08:38:54 GMT - Sat, 15 Jun 2024 08:38:53 GMT
File type HTML document, ASCII text, with very long lines (919), with no line terminators Hash 053b1fe641da8057571d40ebaf1624ab 09b2648b7d08c84621298f0b939cea5170a65022 6606334874a3edb8295831f41d3684433e4553ffe0a72e58c90926e00f39c6a4
GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:39 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: 98be3ad1d2d16f77d9dac4a6adaeb651
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2KYTNuJZDCzEmg5gUC5qMXI0d6yOwBKfCblqMs%2FHpAqKuRDydzWwDDt7bzfnL0MCZsV9zZ3MPetYqQwyLSFf%2BtMEDswmmrYByVJpRS%2Fl5mvT%2F39rezQ4m%2FBxu5ZS5wnW%2FgQ9%2Bwtb%2FeJfaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5deda3e569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.pncloudfl.com/pn/082/d6d/41f/082d6d41f9bd3220a660f2a4108986b2b367f0e4.png | 172.67.25.161 | 200 OK | 43 kB |
URL GET HTTP/2 cdn.pncloudfl.com/pn/082/d6d/41f/082d6d41f9bd3220a660f2a4108986b2b367f0e4.png IP 172.67.25.161:443
Requested by https://www.amdahost.com/watch.php?id=187592aa4e Certificate Issuer Let's Encrypt Subject cdn.pncloudfl.com Fingerprint 50:5F:A0:91:53:C9:C9:E3:5D:EA:53:42:E8:5B:81:FB:DE:7B:1E:2C Validity Sun, 28 Apr 2024 04:53:51 GMT - Sat, 27 Jul 2024 04:53:50 GMT
File type RIFF (little-endian) data, Web/P image Hash bec3572ed077c92240ef0dd7dc17231d e278cd647e65b5f04ba1d582d05f76d5dfafd125 eb304641419d09e779018fe3bf31596d3ed3ad0d4ab05c716ce626152aa417ec
GET /pn/082/d6d/41f/082d6d41f9bd3220a660f2a4108986b2b367f0e4.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:39 GMT
content-type: image/webp
content-length: 42912
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=66221
content-disposition: inline; filename="082d6d41f9bd3220a660f2a4108986b2b367f0e4.webp"
etag: 20c64ca88091db62ea69001a7382f005
expires: Fri, 10 May 2024 00:45:35 GMT
last-modified: Mon, 23 Dec 2019 08:43:03 GMT
vary: Accept
x-openstack-request-id: tx9d94ab9f187b4137bb135-0061b079d0
x-proxy-cache: HIT
x-timestamp: 1577090582.49776
x-trans-id: tx9d94ab9f187b4137bb135-0061b079d0
cf-cache-status: HIT
age: 5584
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 8805f5da6e6c5685-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL GET HTTP/3 storage.mbidstorage.com/log/count.html IP 104.21.65.172:443
Requested by https://www.amdahost.com/watch.php?id=187592aa4e Certificate Issuer Let's Encrypt Subject mbidstorage.com Fingerprint 8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95 Validity Sat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:18:40 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ymi9DVPuvegIy9ut7%2BYuYhl1TiwV2uAf84i3VRUJM4wiBlW76bdODolLGXaZkpy7Bdhqj7MEF24QYnZ0b0cnp6o4CWokjimwarVMHJmpt9w3vDfyHnXQJC28UViyC4Z5XBLA3OIQLG3gcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5e4cc7b5688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 64.233.165.84 | 302 Found | 0 B |
URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP 64.233.165.84:443
Requested by https://www.amdahost.com/watch.php?id=187592aa4e Certificate Issuer Google Trust Services Subject accounts.google.com Fingerprint 75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D Validity Tue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:MBvMNtVQyn9S5k5ZoKNWhnxGIPemHQ:CpttGVdsqlgZGGqG; Expires=Fri, 08-May-2026 02:18:40 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 02:18:40 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQxT7jBHKX2Dom5dA6D-m16ubvkxvf50SoFUZZ7ltN4tN4vgItJo0hQ84RDuBKzLDJ5YSWd-LA
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'nonce-TclleSXpMe4rDwVXijrqyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL: GET HTTP/3 storage.mbidstorage.com/log/count.html; IP: 104.21.65.172:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate Issuer: Let's Encrypt; Subject: mbidstorage.com; Fingerprint: 8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95; Validity: Sat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:18:40 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0n4DzxRbG99TtU%2B17PxBSO0AWGAMAHwBSVhtMvE3SVsoH8JHCCSMc%2F%2F43LD16I2QACalZX2lUs3ivUk45fwjOvxjGyNTb0HyAEUoJnGF9AKv1xfSJMDMvpQR%2FBkr5OBy1xzNIuo2SOvJHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5e2eb8b5688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| zovidree.com/tag.min.js | 172.67.166.14 | 200 OK | 90 kB |
IP: 172.67.166.14:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate Issuer: Let's Encrypt; Subject: zovidree.com; Fingerprint: E7:A2:02:40:34:64:74:90:8F:C4:F5:DA:6D:7F:08:2D:33:29:9A:FD; Validity: Mon, 22 Apr 2024 15:25:10 GMT - Sun, 21 Jul 2024 15:25:09 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Hash: 7573260aff69fe8406b0115ab4bcefaa f7f5c31f2481bd176a9b79deff1b7c0d4878f87c 280186476a1f8103793e2139d4654b16f61a2a1d393966388f55b8ed795ebba3
GET /tag.min.js HTTP/1.1
Host: zovidree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:38 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 1a13b2616487079790d1ad15928b1eb9
cache-control: max-age=86400
last-modified: Sun, 05 May 2024 17:51:41 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Wed, 08 May 2024 03:11:59 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 83196
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qY%2FHWHXOpeRTsNCG0CJsGR8aOeiX8Q0wmq%2BHWDeHElQ9BjbI7jXnBo5asNRi25WBXXMJytB6InZyJZDXG8exN3ochWnIbCCcX9zzSU0FawYe8YnsG12e3MkkPAFOKYk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805f5d7695b56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL: GET HTTP/2 storage.mbidstorage.com/log/count.html; IP: 104.21.65.172:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate Issuer: Let's Encrypt; Subject: mbidstorage.com; Fingerprint: 8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95; Validity: Sat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Wed, 08 May 2024 02:18:39 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=frdTz2JOslVz3xnFmMvdNv64Zp6t4YCkGdpBcZyIgmKuv%2F6lcRwkeBDPyujUTRhtwOAAwOZNYAHAoS5s0rQnJDKnk%2BvzMmJdzOc8JI7HpzyvXOllFDPu31oPDlqIGuNveUcrxEU8DfFBvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5df28f47128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 32879.2481april2024.com/jCNDCoU0PQrhZtczvVjGLSdOmtkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmq6lubuKcQkfSbpO5aMweYRDiAPHbLCN-Sjn2g?kws=video%2Cparis&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D187592aa4e&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Wed%20May%2008%202024%2002%3A18%3A38%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 | 88.208.22.2 | 200 OK | 1.5 kB |
URL: GET HTTP/2 32879.2481april2024.com/jCNDCoU0PQrhZtczvVjGLSdOmtkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmq6lubuKcQkfSbpO5aMweYRDiAPHbLCN-Sjn2g?kws=video%2Cparis&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D187592aa4e&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Wed%20May%2008%202024%2002%3A18%3A38%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1; IP: 88.208.22.2:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate Issuer: Let's Encrypt; Subject: *.2481april2024.com; Fingerprint: FC:0B:87:DF:4F:43:9B:81:FD:04:D2:4C:5C:79:77:1B:C6:BB:F4:49; Validity: Tue, 02 Apr 2024 14:41:38 GMT - Mon, 01 Jul 2024 14:41:37 GMT
File type: ASCII text, with very long lines (1479), with no line terminators; Hash: 119c258ec159196f413ece6770acd90c e9bcd2e0b9990012c4780b6faee557c60950e5fa dcf16c103a6b3658a16638d4b368347166a93c208c07ffa4401dedec087117d1
GET /jCNDCoU0PQrhZtczvVjGLSdOmtkRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmq6lubuKcQkfSbpO5aMweYRDiAPHbLCN-Sjn2g?kws=video%2Cparis&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D187592aa4e&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Wed%20May%2008%202024%2002%3A18%3A38%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 HTTP/1.1
Host: 32879.2481april2024.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:18:41 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://www.amdahost.com
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
last-modified: Wed, 08 May 2024 02:18:41 UTC
expires: Wed, 08 May 2024 02:18:41 UTC
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL: GET HTTP/3 storage.mbidstorage.com/log/count.html; IP: 104.21.65.172:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate Issuer: Let's Encrypt; Subject: mbidstorage.com; Fingerprint: 8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95; Validity: Sat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:18:41 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FSTbWrUGaTHBeuubIpMNxsJElE%2FGhNN%2FD1AL%2F0tajwKh8hhmnLEPHtIpo1ucaoFJZKODhtxvhdgWky4qiuS01EjaGdK%2BmZBaD40%2BuZbqIGSAPn8aN0Zu5bODWUNvJlA7bNxKq75q79m5zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5e82da35688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL: GET HTTP/3 storage.mbidstorage.com/log/count.html; IP: 104.21.65.172:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate Issuer: Let's Encrypt; Subject: mbidstorage.com; Fingerprint: 8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95; Validity: Sat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:18:40 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Za49BpB88mq96iHBuZIpYzpDhvaNoOvmm2n3nezVT6Qb1Rv52PLteOskwQNH8ZCm2TT7n4JvYRL1srLT2Mo%2B1q1ZUKugwZ2e1O9nGm6vYSxcLd8MkfJR18GUubTC2uM%2B0ROwqY5jWyWmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5e40bfd5688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL: GET HTTP/3 storage.mbidstorage.com/log/count.html; IP: 104.21.65.172:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate Issuer: Let's Encrypt; Subject: mbidstorage.com; Fingerprint: 8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95; Validity: Sat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:18:40 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jphJy8qz09pXexjEWisFtJLcopZOc6NsCVjgtOx4ZoAax%2Fo%2B6swSiJ9sZjBfoKlVCsthv7ZdDLRW%2Fylo2S3UjUiU14c47zX58zhUO7L96MoH3eeAkw91uItOVBLNDfeai1bQtKlxgDn0kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5e51c8e5688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap | 142.250.74.106 | 200 OK | 789 B |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap; IP: 142.250.74.106:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (807), with no line terminators; Hash: 6f717af0e726a10479b7e8bed93e5142 a115121febff939512aba08376c87856e8eb7d81 3f2d568b6fb6321a2e59f992275a60a22c904f5e8d84b7c6e43b1bb702ae86db
GET /css2?family=Poppins:wght@600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 02:18:37 GMT
date: Wed, 08 May 2024 02:18:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.tailwindcss.com/3.4.3 | 172.67.41.16 | 200 OK | 366 kB |
URL: GET HTTP/2 cdn.tailwindcss.com/3.4.3; IP: 172.67.41.16:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate Issuer: Cloudflare, Inc.; Subject: tailwindcss.com; Fingerprint: 5F:87:FB:92:D4:93:DA:09:E3:5B:EF:92:CE:2F:47:18:3A:8A:C7:49; Validity: Tue, 07 Nov 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (52292); Size: 366 kB (365681 bytes); Hash: 4bdcdace639cc6c0f08a15c295482172 6fa7ad6e87d8b19bff7e2bd0becf87d87d57be31 d2c35bf03246b0634bb22cbdc74962c8368e5e13b656e7f3cc10029da79d2e5c
GET /3.4.3 HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:37 GMT
content-type: text/javascript
cache-control: max-age=31536000
content-encoding: br
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::rn74h-1711569125689-ef02b3caf33b
last-modified: Wed, 27 Mar 2024 19:52:06 GMT
cf-cache-status: HIT
age: 626805
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805f5d09eee56ba-OSL
X-Firefox-Spdy: h2
|
|
| bid.mbidtg.com/tags/179977?version_name=d | 45.133.44.25 | 200 OK | 2.2 kB |
URL: GET HTTP/2 bid.mbidtg.com/tags/179977?version_name=d; IP: 45.133.44.25:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate Issuer: Let's Encrypt; Subject: bid.mbidtg.com; Fingerprint: 62:EA:1B:EE:02:E5:88:CC:26:72:9B:BA:BF:B3:B6:2B:67:14:74:67; Validity: Wed, 01 May 2024 03:00:45 GMT - Tue, 30 Jul 2024 03:00:44 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (2494), with no line terminators; Hash: 6dd06c3be91240ac87d476628c579d45 7c9f39156f3db5c6c71d1ea5a218d3b5846fa8e8 3c8c08c131dffa0910f3b5e37167775faebe95977cd2752a5471c60963851c13
GET /tags/179977?version_name=d HTTP/1.1
Host: bid.mbidtg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:39 GMT
content-type: application/json
server: nginx/1.24.0
cache-control: max-age=300, public
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| cdn.pncloudfl.com/pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif | 172.67.25.161 | 200 OK | 143 kB |
URL: GET HTTP/2 cdn.pncloudfl.com/pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif; IP: 172.67.25.161:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate Issuer: Let's Encrypt; Subject: cdn.pncloudfl.com; Fingerprint: 50:5F:A0:91:53:C9:C9:E3:5D:EA:53:42:E8:5B:81:FB:DE:7B:1E:2C; Validity: Sun, 28 Apr 2024 04:53:51 GMT - Sat, 27 Jul 2024 04:53:50 GMT
File type: RIFF (little-endian) data, Web/P image; Size: 143 kB (142898 bytes); Hash: a3ef7f4652e064704fb9063bd2c44761 f83f6204fcc6dd4d51a6f737641961ca5a7ce1b3 ee156c275bc22e471034353c9756885a303aed35c194098a42e017d07b0d40a8
GET /pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:39 GMT
content-type: image/webp
content-length: 142898
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=367393
content-disposition: inline; filename="60e2ff94b54c66aa2f634b00630b994c2fe7936d.webp"
etag: 9fb78950119432648d8d5fb853c3eba4
expires: Fri, 10 May 2024 00:45:22 GMT
last-modified: Tue, 02 May 2023 12:11:05 GMT
vary: Accept
x-openstack-request-id: tx607d5e6bd8c04629a2dab-0064ad512f
x-proxy-cache: HIT
x-timestamp: 1683029464.37580
x-trans-id: tx607d5e6bd8c04629a2dab-0064ad512f
cf-cache-status: HIT
age: 5597
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 8805f5da6e695685-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Comic+Neue&display=swap | 142.250.74.106 | 200 OK | 420 B |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Comic+Neue&display=swap; IP: 142.250.74.106:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (429), with no line terminators; Hash: 75f97bdeb174d8b64c2078ceff6726a3 beb63d63eb0398c4e6f15b6f2ad83c9fd7ef272d 0dd00245b771e2aada55e76fe50ee64c186e9413f70b1fc54da284a2cab024c6
GET /css2?family=Comic+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 02:18:37 GMT
date: Wed, 08 May 2024 02:18:37 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL: GET HTTP/3 storage.mbidstorage.com/log/count.html; IP: 104.21.65.172:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate Issuer: Let's Encrypt; Subject: mbidstorage.com; Fingerprint: 8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95; Validity: Sat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:18:40 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XPWLrCbavcgvVoqaCrM37veNLLONlkG6mCcCDIQfobKcbiY3HyXPRl1TWriguDLbjRhw2UjPNLZHXF9KAYgECkE5kEzviLii%2B%2BZ2FsPg62TiblJYVwNTtIQYvjrBAxF%2FD9KSHia%2BaROcFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5e3bbe55688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL: GET HTTP/3 storage.mbidstorage.com/log/count.html; IP: 104.21.65.172:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate Issuer: Let's Encrypt; Subject: mbidstorage.com; Fingerprint: 8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95; Validity: Sat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:18:40 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l8SDiodktN0rzjtQ7Oo4Cipkqh8nmyjUGeWh0Sm0jkGS%2FIBqcOdTh44RDDJJzOJeajNhdVtAAyHNtvNHBRnd1iU6OCAsDWqj7cADFzipYot64qeuxXT8wORGmZS2TnOTwaCJrriqqtZfjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5e48c475688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=9cfac660-b332-4480-b321-7ae4f6469269&prev_step_diff=744 | 45.133.44.24 | 200 OK | 1.1 kB |
URL: GET HTTP/2 static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=9cfac660-b332-4480-b321-7ae4f6469269&prev_step_diff=744; IP: 45.133.44.24:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate Issuer: Let's Encrypt; Subject: static.bookmsg.com; Fingerprint: D1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76; Validity: Fri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp; Hash: 0d8658fffe797e7ba8f20c52ab367a97 cb0bd2b16388846dfa0b3f6da917d95b5abd7f68 debd9647eddaaacaba09b81371fd2e331f952904d7c7f635955b6e213e6a4ee4
GET /creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.11&cpa=9cfac660-b332-4480-b321-7ae4f6469269&prev_step_diff=744 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:45 GMT
content-type: image/webp
content-length: 1052
server: nginx/1.24.0
last-modified: Mon, 11 Mar 2024 13:45:15 GMT
etag: "65ef0aeb-41c"
expires: Thu, 08 May 2025 02:18:45 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.tailwindcss.com/ | 172.67.41.16 | 302 Found | 366 kB |
IP: 172.67.41.16:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate Issuer: Cloudflare, Inc.; Subject: tailwindcss.com; Fingerprint: 5F:87:FB:92:D4:93:DA:09:E3:5B:EF:92:CE:2F:47:18:3A:8A:C7:49; Validity: Tue, 07 Nov 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT
Size: 366 kB (365681 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 08 May 2024 02:18:37 GMT
cache-control: max-age=14400
location: /3.4.3
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::2hfjr-1715134083432-6a808a908027
cf-cache-status: HIT
age: 454
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805f5cf2e6156ba-OSL
X-Firefox-Spdy: h2
|
|
| js.mbidadm.com/static/scripts.m.js | 45.133.44.53 | 200 OK | 109 kB |
URL: GET HTTP/2 js.mbidadm.com/static/scripts.m.js; IP: 45.133.44.53:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate Issuer: Let's Encrypt; Subject: js.mbidadm.com; Fingerprint: CA:45:B3:CA:F7:B8:6E:BC:AD:15:14:54:8B:69:08:1F:93:CC:C1:80; Validity: Thu, 18 Apr 2024 03:01:13 GMT - Wed, 17 Jul 2024 03:01:12 GMT
Size: 109 kB (109409 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/scripts.m.js HTTP/1.1
Host: js.mbidadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:38 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 07 May 2024 12:02:58 GMT
etag: W/"663a1872-1ab61"
content-encoding: gzip
expires: Wed, 08 May 2024 02:23:38 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/h/b/jsd/r/8805f5cb6aadb50c | 104.21.40.89 | 200 OK | 0 B |
URL: POST HTTP/3 www.amdahost.com/cdn-cgi/challenge-platform/h/b/jsd/r/8805f5cb6aadb50c; IP: 104.21.40.89:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e; Certificate Issuer: Google Trust Services LLC; Subject: amdahost.com; Fingerprint: 29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF; Validity: Thu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/challenge-platform/h/b/jsd/r/8805f5cb6aadb50c HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12189
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch.php?id=187592aa4e
Cookie: PHPSESSID=0e193904266e2ce3bfed5550f61233e8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 02:18:39 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
priority: u=3,i=?0
set-cookie: cf_clearance=fK.HDBnVL_9t2MQGCeoJH_fE59Mwnvqjj2RajdXUyDE-1715134719-1.0.1.1-UXzQEH8VjUOpjbB7Jg4U_gr8pKkF2up7PWfGTxYgSAWNmyBvUHg9GGlqzuIJKaxhMPByCFVaYz1Ut8GLnjT6hw; path=/; expires=Thu, 08-May-25 02:18:39 GMT; domain=.amdahost.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BknDPwjtp3xeKORZEEaElq8FVMXuUIiWyqb7udCpAlQ0qXuZIBXleMRAshYy8hPIHjeAVvemvUEvmAFt4ZYgjz%2FlafaM7im%2FQaBBp5dKlXQi76N%2FiZECniNU5AsOUJeALFm7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5dbf8d85688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| storage.mbidstorage.com/log/count.html | 104.21.65.172 | 301 Moved Permanently | 0 B |
URL: GET HTTP/3 storage.mbidstorage.com/log/count.html
IP: 104.21.65.172:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e
Certificate Issuer: Let's Encrypt
Certificate Subject: mbidstorage.com
Certificate Fingerprint: 8C:81:E9:1C:1E:C6:E4:E4:7B:C3:13:B8:D1:10:9D:F0:54:1B:0E:95
Certificate Validity: Sat, 27 Apr 2024 08:20:36 GMT - Fri, 26 Jul 2024 08:20:35 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log/count.html HTTP/1.1
Host: storage.mbidstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 02:18:40 GMT
content-type: text/html
location: https://storage.mbidstorage.com/log/count.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SxBEikCY4YvHJ%2BCuf%2B22UtynjyoUD3XrS7GbDUS25sPyDP0szwwoPTCDloG9vcxu8fMn9uaEsXtrx10Zs%2FtI4GlvAnBLbcE7NS1Ihq6W5J4EhUjsFDp6JLEMkxabzpfeTsWtvCNLA%2FAyYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8805f5e59cc35688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 | 104.16.80.73 | 200 OK | 19 kB |
URL: GET HTTP/2 static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
IP: 104.16.80.73:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e
Certificate Issuer: Google Trust Services LLC
Certificate Subject: cloudflareinsights.com
Certificate Fingerprint: 73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00
Certificate Validity: Sun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT
File type: JavaScript source, ASCII text, with very long lines (19189), with no line terminators
Hash: 4c980ee97cb5c001b4d19e2895fa5603 2c6fe998aa7486c4becd74cf253bdd82666a64c3 d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192
GET /beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 02:18:37 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.1"
last-modified: Mon, 06 May 2024 19:01:13 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805f5cf1a2456af-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| b57dqedu4.com/get/2020088?zoneid=2020088&jp=_clv6984lhk76de1bn0y7x7&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7430752463415808&eclog=0&im=1&uf=0 | 212.117.190.201 | 200 OK | 2.9 kB |
URL: GET HTTP/2 b57dqedu4.com/get/2020088?zoneid=2020088&jp=_clv6984lhk76de1bn0y7x7&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7430752463415808&eclog=0&im=1&uf=0
IP: 212.117.190.201:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e
Certificate Issuer: Buypass AS-983163327
Certificate Subject:
Certificate Fingerprint: 17:76:24:C2:1F:79:27:A6:BF:60:AC:48:E1:7E:44:F5:FA:36:EB:6B
Certificate Validity: Wed, 01 May 2024 14:25:07 GMT - Sun, 27 Oct 2024 22:59:00 GMT
File type: ASCII text, with very long lines (3196), with no line terminators
Hash: 99c8a11bd1ed399d89fd081574b4668e d73cf412ec0ec0a36c72d04009aa3803c50ee7af 360f421bd5cc30c5559d58cdb70a016c93474c1a3c26b898407e5302bba91167
GET /get/2020088?zoneid=2020088&jp=_clv6984lhk76de1bn0y7x7&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=7430752463415808&eclog=0&im=1&uf=0 HTTP/1.1
Host: b57dqedu4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:18:38 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Wed, 11 Jun 2025 02:18:38 GMT; Secure; SameSite=None
set-cookie: UID=24050721182ae9a48bdac54acd9acea33a80; Path=/; Expires=Wed, 11 Jun 2025 02:18:38 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| glakaits.net/?rb=-zDhTW-G9YReZ5HFp1o5cM3L7TEWhUFH_GD9L6NA3Jsr5EiiWibwyi0TVgnrKV-SHTDX6spndy5TLUjh0wg5byxAkYSu_uHKwy5B7kvsh4zU7BnNN-p1eLLLpr5Re0eLyfb9LpIKitH3oQNquuDm-ir7GvPTmdQXYo18IR8oaUqwmLx7QtBFXDuJ-Tg2lEquZc43y3L7QeHnAyD9vfbdAbn04mQ-YVOciobUQCojiviFCSttJbstlLwQyrxeLLSBk-R4M6rTliYpovVi&request_ab2=0&zoneid=7446033&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D187592aa4e&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&bs=cdf1d635-fcf0-40c8-b2ff-1b1069fe8a58&wasm=1&userId=00805680ff3c42e1fd8c88f9a23d8777&m=link | 139.45.197.242 | 200 OK | 2.3 kB |
URL: GET HTTP/2 glakaits.net/?rb=-zDhTW-G9YReZ5HFp1o5cM3L7TEWhUFH_GD9L6NA3Jsr5EiiWibwyi0TVgnrKV-SHTDX6spndy5TLUjh0wg5byxAkYSu_uHKwy5B7kvsh4zU7BnNN-p1eLLLpr5Re0eLyfb9LpIKitH3oQNquuDm-ir7GvPTmdQXYo18IR8oaUqwmLx7QtBFXDuJ-Tg2lEquZc43y3L7QeHnAyD9vfbdAbn04mQ-YVOciobUQCojiviFCSttJbstlLwQyrxeLLSBk-R4M6rTliYpovVi&request_ab2=0&zoneid=7446033&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D187592aa4e&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&bs=cdf1d635-fcf0-40c8-b2ff-1b1069fe8a58&wasm=1&userId=00805680ff3c42e1fd8c88f9a23d8777&m=link
IP: 139.45.197.242:443
Requested by: https://www.amdahost.com/watch.php?id=187592aa4e
Certificate Issuer: Let's Encrypt
Certificate Subject: glakaits.net
Certificate Fingerprint: 1F:46:3E:C8:C5:6A:64:F5:29:66:0F:5C:6E:CD:48:77:10:EA:26:02
Certificate Validity: Tue, 07 May 2024 18:52:12 GMT - Mon, 05 Aug 2024 18:52:11 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (2348), with no line terminators
Hash: d2e10bd881ab102d5cbc5608a04350e1 3714b639c286f07fec11497f4f8a41e650e1dfdd c4151c2e0fdedd8b795aa2935c85b2b7846dc55d5ae6a3d72cef816f62664761
GET /?rb=-zDhTW-G9YReZ5HFp1o5cM3L7TEWhUFH_GD9L6NA3Jsr5EiiWibwyi0TVgnrKV-SHTDX6spndy5TLUjh0wg5byxAkYSu_uHKwy5B7kvsh4zU7BnNN-p1eLLLpr5Re0eLyfb9LpIKitH3oQNquuDm-ir7GvPTmdQXYo18IR8oaUqwmLx7QtBFXDuJ-Tg2lEquZc43y3L7QeHnAyD9vfbdAbn04mQ-YVOciobUQCojiviFCSttJbstlLwQyrxeLLSBk-R4M6rTliYpovVi&request_ab2=0&zoneid=7446033&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fwww.amdahost.com%2Fwatch.php%3Fid%3D187592aa4e&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&bs=cdf1d635-fcf0-40c8-b2ff-1b1069fe8a58&wasm=1&userId=00805680ff3c42e1fd8c88f9a23d8777&m=link HTTP/1.1
Host: glakaits.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 02:18:40 GMT
content-type: application/json
x-trace-id: e11a005c5983c7fdd33856b33d1a5abe
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.amdahost.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00805680ff3c42e1fd8c88f9a23d8777; expires=Thu, 08 May 2025 02:18:40 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1715134720; expires=Thu, 08 May 2025 02:18:40 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=true; expires=Wed, 15 May 2024 02:18:40 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|